#mac

GHSA-4xm7-5q79-3fch: XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in DeleteApplication page

### Impact Users are able to forge an URL with a payload allowing to inject Javascript in the page (XSS). It's possible to exploit the DeleteApplication page to perform a XSS, e.g. by using URL such as: > xwiki/bin/view/AppWithinMinutes/DeleteApplication?appName=Menu&resolve=true&xredirect=javascript:alert(document.domain) This vulnerability exists since XWiki 6.2-milestone-1. ### Patches The vulnerability has been patched in XWiki 14.10.5 and 15.1-rc-1. ### Workarounds It's possible to workaround the vulnerability by editing the page AppWithinMinutes.DeleteApplication to perform checks on it, but note that the appropriate fix involves new APIs that have been recently introduced in XWiki. See the referenced jira tickets. ### References * Jira ticket about the vulnerability: https://jira.xwiki.org/browse/XWIKI-20614 * Introduction of the macro used for fixing all those vulnerabilities: https://jira.xwiki.org/browse/XWIKI-20583 * Commit containing the actual fix in the page...

1 year ago

ghsa

Open in Source

#xss #vulnerability #mac #git #java #jira #maven

GHSA-r8xc-xxh3-q5x3: XWiki Platform vulnerable to reflected cross-site scripting via back and xcontinue parameters in resubmit template

### Impact Users are able to forge an URL with a payload allowing to inject Javascript in the page (XSS). It's possible to exploit the resubmit template to perform a XSS, e.g. by using URL such as: > xwiki/bin/view/XWiki/Main?xpage=resubmit&resubmit=javascript:alert(document.domain)&xback=javascript:alert(document.domain) This vulnerability exists since XWiki 2.5-milestone-2. ### Patches The vulnerability has been patched in XWiki 14.10.5 and 15.1-rc-1. ### Workarounds It's possible to workaround the vulnerability by editing the template resubmit.vm to perform checks on it, but note that the appropriate fix involves new APIs that have been recently introduced in XWiki. See the referenced jira tickets. ### References * Jira ticket about the vulnerability: https://jira.xwiki.org/browse/XWIKI-20343 * Introduction of the macro used for fixing all those vulnerabilities: https://jira.xwiki.org/browse/XWIKI-20583 * Commit containing the actual fix in the page: https://github.co...

1 year ago

ghsa

Open in Source

#xss #vulnerability #web #mac #git #java #jira #maven

GHSA-x234-mg7q-m8g8: XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in deletespace template

### Impact Users are able to forge an URL with a payload allowing to inject Javascript in the page (XSS). It's possible to exploit the deletespace template to perform a XSS, e.g. by using URL such as: > xwiki/bin/deletespace/Sandbox/?xredirect=javascript:alert(document.domain) This vulnerability exists since XWiki 3.4-milestone-1. ### Patches The vulnerability has been patched in XWiki 14.10.5 and 15.1-rc-1. ### Workarounds It's possible to workaround the vulnerability by editing the template deletespace.vm to perform checks on it, but note that the appropriate fix involves new APIs that have been recently introduced in XWiki. See the referenced jira tickets. ### References * Jira ticket about the vulnerability: https://jira.xwiki.org/browse/XWIKI-20612 * Introduction of the macro used for fixing all those vulnerabilities: https://jira.xwiki.org/browse/XWIKI-20583 * Commit containing the actual fix in the template: https://github.com/xwiki/xwiki-platform/commit/5c20ff5e3bd...

1 year ago

ghsa

Open in Source

#xss #vulnerability #web #mac #git #java #jira #maven

GHSA-mwxj-g7fw-7hc8: XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in restore template

### Impact Users are able to forge an URL with a payload allowing to inject Javascript in the page (XSS). It's possible to exploit the restore template to perform a XSS, e.g. by using URL such as: > /xwiki/bin/view/XWiki/Main?xpage=restore&showBatch=true&xredirect=javascript:alert(document.domain) This vulnerability exists since XWiki 9.4-rc-1. ### Patches The vulnerability has been patched in XWiki 14.10.5 and 15.1-rc-1. ### Workarounds It's possible to workaround the vulnerability by editing the template restore.vm to perform checks on it, but note that the appropriate fix involves new APIs that have been recently introduced in XWiki. See the referenced jira tickets. ### References * Vulnerability in restore template: https://jira.xwiki.org/browse/XWIKI-20352 * Introduction of the macro used for fixing this vulnerability: https://jira.xwiki.org/browse/XWIKI-20583 * Commit containing the actual fix in the template: https://github.com/xwiki/xwiki-platform/commit/d5472100...

1 year ago

ghsa

Open in Source

#xss #vulnerability #mac #git #java #jira #maven

GHSA-834c-x29c-f42c: XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in delete template

### Impact Users are able to forge an URL with a payload allowing to inject Javascript in the page (XSS). It's possible to exploit the delete template to perform a XSS, e.g. by using URL such as: > xwiki/bin/get/FlamingoThemes/Cerulean?xpage=xpart&vm=delete.vm&xredirect=javascript:alert(document.domain) This vulnerability exists since XWiki 6.0-rc-1. ### Patches The vulnerability has been patched in XWiki 14.10.6 and 15.1. Note that a partial patch has been provided in 14.10.5 but wasn't enough to entirely fix the vulnerability. ### Workarounds It's possible to workaround the vulnerability by editing the template delete.vm to perform checks on it, but note that the appropriate fix involves new APIs that have been recently introduced in XWiki. See the referenced jira tickets. ### References * Jira ticket about the original vulnerability: https://jira.xwiki.org/browse/XWIKI-20341 * Commit containing the first fix in the template: https://github.com/xwiki/xwiki-platform/comm...

1 year ago

ghsa

Open in Source

#xss #vulnerability #mac #git #java #jira #maven

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

The United Parcel Service (UPS) says fraudsters have been harvesting phone numbers and other information from its online shipment tracking tool in Canada to send highly targeted SMS phishing (a.k.a. "smishing") messages that spoofed UPS and other top brands. The missives addressed recipients by name, included details about recent orders, and warned that those orders wouldn't be shipped unless the customer paid an added delivery fee.

1 year ago

Krebs on Security

Open in Source

#web #mac #apple #git #firefox #blog

Cybersecurity hotlines at colleges could go a long way toward filling the skills gap

These clinics offers pro-bono cybersecurity services — like incident response, general advice and ransomware defense — to community organizations, non-profits and small businesses that normally couldn’t afford to pay a private company for these same services.

1 year ago

TALOS

Open in Source

#sql #vulnerability #web #mac #microsoft #cisco #intel #rce #auth #zero_day

MULTI#STORM Campaign Targets India and U.S. with Remote Access Trojans

A new phishing campaign codenamed MULTI#STORM has set its sights on India and the U.S. by leveraging JavaScript files to deliver remote access trojans on compromised systems. "The attack chain ends with the victim machine infected with multiple unique RAT (remote access trojan) malware instances, such as Warzone RAT and Quasar RAT," Securonix researchers Den Iuzvyk, Tim Peck, and Oleg Kolesnikov

1 year ago

The Hacker News

Open in Source

#vulnerability #web #mac #windows #microsoft #js #java #pdf #The Hacker News

6 Attack Surfaces You Must Protect

More connectivity means more potential ways into your enterprise, so securing every main attack surface is imperative.

1 year ago

DARKReading

Open in Source

#vulnerability #mac #microsoft #git #intel #auth

USB Drives Spread Spyware as China's Mustang Panda APT Goes Global

Camaro Dragon (Mustang Panda) is spreading a malware variant of WispRider quickly across the globe even through air gaps, often unbeknownst to users.