Security
Headlines
HeadlinesLatestCVEs

Tag

#java

Red Hat Security Advisory 2023-1044-01

Red Hat Security Advisory 2023-1044-01 - Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.6.2 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, cross site scripting, denial of service, deserialization, html injection, memory exhaustion, server-side request forgery, and traversal vulnerabilities.

Packet Storm
#xss#vulnerability#web#linux#red_hat#dos#apache#js#java#rce#ssrf#auth#ssh
On Shaky Ground: Why Dependencies Will Be Your Downfall

There's never enough time or staff to scan code repositories. To avoid dependency confusion attacks, use automated CI/CD tools to make fixes in hard-to-manage software dependencies.

CVE-2023-26053: Merge pull request #23946 Trusted GPG-key should only accept 160-bit … · gradle/gradle@bf3cc0f

Gradle is a build tool with a focus on build automation and support for multi-language development. This is a collision attack on long IDs (64bits) for PGP keys. Users of dependency verification in Gradle are vulnerable if they use long IDs for PGP keys in a `trusted-key` or `pgp` element in their dependency verification metadata file. The fix is to fail dependency verification if anything but a fingerprint is used in a trust element in dependency verification metadata. The problem is fixed in Gradle 8.0 and above. The problem is also patched in Gradle 6.9.4 and 7.6.1. As a workaround, use only full fingerprint IDs for `trusted-key` or `pgp` element in the metadata is a protection against this issue.

CVE-2023-1147: Stored XSS through post comment body in flatpress

Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3.

CVE-2023-1146: Stored XSS via blog author parameter on admin.php?p=config in flatpress

Cross-site Scripting (XSS) - Generic in GitHub repository flatpressblog/flatpress prior to 1.3.

Internet Explorer users still targeted by RIG exploit kit

Categories: News Tags: RIG EK Tags: exploit kit Tags: MakeMoney Tags: Internet Explorer Tags: Jerome Segura The RIG Exploit Kit is one of the last major exploit kits that still targets the legacy Internet Explorer browser. (Read more...) The post Internet Explorer users still targeted by RIG exploit kit appeared first on Malwarebytes Labs.

CVE-2023-1106: Unsanitized input returned in response is conducive to XSS exploitation in flatpress

Cross-site Scripting (XSS) - Reflected in GitHub repository flatpressblog/flatpress prior to 1.3.

CVE-2023-22462: Grafana security release: New versions with security fixes for CVE-2023-0594, CVE-2023-0507, and CVE-2023-22462

Grafana is an open-source platform for monitoring and observability. On 2023-01-01 during an internal audit of Grafana, a member of the security team found a stored XSS vulnerability affecting the core plugin "Text". The stored XSS vulnerability requires several user interactions in order to be fully exploited. The vulnerability was possible due to React's render cycle that will pass though the unsanitized HTML code, but in the next cycle the HTML is cleaned up and saved in Grafana's database. An attacker needs to have the Editor role in order to change a Text panel to include JavaScript. Another user needs to edit the same Text panel, and click on "Markdown" or "HTML" for the code to be executed. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. This issue has been patched in versions 9.2.10 and 9.3.4.

CVE-2023-26046: feat: unescape any HTML entities · kitabisa/teler-waf@d1d49cf

teler-waf is a Go HTTP middleware that provides teler IDS functionality to protect against web-based attacks. In teler-waf prior to version 0.1.1 is vulnerable to bypassing common web attack rules when a specific HTML entities payload is used. This vulnerability allows an attacker to execute arbitrary JavaScript code on the victim's browser and compromise the security of the web application. The vulnerability exists due to teler-waf failure to properly sanitize and filter HTML entities in user input. An attacker can exploit this vulnerability to bypass common web attack threat rules in teler-waf and launch cross-site scripting (XSS) attacks. The attacker can execute arbitrary JavaScript code on the victim's browser and steal sensitive information, such as login credentials and session tokens, or take control of the victim's browser and perform malicious actions. This issue has been fixed in version 0.1.1.

GHSA-96hp-38wx-j3wc: Pimcore vulnerable to Cross Site Scripting in Email Blacklist

### Impact The attacker can execute arbitrary JavaScript and steal Cookies information and use them to hijack the user's session. ### Patches Update to version 10.5.18 or apply this patch manually https://github.com/pimcore/pimcore/pull/14467.patch ### Workarounds Apply https://github.com/pimcore/pimcore/pull/14467.patch manually. ### References https://huntr.dev/bounties/3245ff99-9adf-4db9-af94-f995747e09d1/