#vulnerability

Investigators link the $1.4B Bybit hack to North Korea’s Lazarus Group, exposing a major crypto heist tied to state-backed cybercrime and money laundering.

Versions of the package tarteaucitronjs before 1.17.0 are vulnerable to Cross-site Scripting (XSS) via the getElemWidth() and getElemHeight(). This is related to [SNYK-JS-TARTEAUCITRONJS-8366541](https://security.snyk.io/vuln/SNYK-JS-TARTEAUCITRONJS-8366541)

A vulnerability classified as problematic was found in opensolon Solon up to 3.0.8. This vulnerability affects unknown code of the file solon-projects/solon-web/solon-web-staticfiles/src/main/java/org/noear/solon/web/staticfiles/StaticMappings.java. The manipulation leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.0.9 is able to address this issue. The name of the patch is f46e47fd1f8455b9467d7ead3cdb0509115b2ef1. It is recommended to upgrade the affected component.

Plus: Apple turns off end-to-end encrypted iCloud backups in the UK after pressure to install a backdoor, and two spyware apps expose victim data—and the identities of people who installed the apps.

### Summary There is a cross-site scripting vulnerability on To-Do that affects a title field of a To-Do.

### Summary HTML can be arbitrarily injected into emails from Leantime due to improper neutralization of HTML tags in users' first names. This effectively allows for the creation of phishing emails from a Leantime instance's email address.

### Finding Description Application has functionality for a user to view profile information. It does not have an implemented authorization check for "Host" parameter which allows a user to view profile information of another user by replacing "Host" parameter. ### Impact By exploiting this vulnerability an attacker can able to view profile information (but not anything else or change anything)

### Impact A heap buffer overflow was found in Exiv2 versions v0.28.0 to v0.28.4. Versions prior to v0.28.0, such as v0.27.7, are **not** affected. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. The heap overflow is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to gain code execution, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when writing the metadata, which is a less frequently used Exiv2 operation than reading the metadata. For example, to trigger the bug in the Exiv2 command-line application, you need to add an extra command-line argument such as `fixiso`. ### Patches The bug is fixed in version v0.28.5. ### References Issue: https://github.com/Exiv2/exiv2/issues/3168 Fix: https://github.com/Exiv2/exiv2/pull/3174 ### For more information Please see our [s...

### Description Leantime allows stored cross-site scripting (XSS) in the API key name while generating the API key. ### Impact Any low privileged user like manager, or editor, can create an API key with XSS payload. When admin will visit the Company page, the XSS will automatically get triggerred leading to the unauthorized action performed from the ADMIN account. Like, removing any user, or adding someone else as high privilege, and many more.

**CSRF** ### Summary A cross-site request forgery vulnerability allows a remote actor to create an account with Owner privileges. By luring an Owner or Administrator into clicking a button on an attacker-controlled website, a request will be issued, generating an account with the attacker's information and role of their choosing. ### Impact While the likelihood of a successful exploit is low, the impact would be high as the attacker could then gain complete control over the victim's environment.