Security
Headlines
HeadlinesLatestCVEs

Tag

#vulnerability

GHSA-j86x-pjmr-9m6w: SQL Injection in TYPO3 Frontend Login

Failing to properly escape user input, the frontend login component is vulnerable to SQL Injection. A valid frontend user account is needed to exploit this vulnerability.

ghsa
Open in Source
#sql#vulnerability#git#perl
GHSA-gwfx-p7mr-f92v: Missing Access Check in TYPO3 CMS

Extbase request handling fails to implement a proper access check for requested controller/ action combinations, which makes it possible for an attacker to execute arbitrary Extbase actions by crafting a special request. To successfully exploit this vulnerability, an attacker must have access to at least one Extbase plugin or module action in a TYPO3 installation. The missing access check inevitably leads to information disclosure or remote code execution, depending on the action that an attacker is able to execute.

GHSA-xvcp-33rc-j8gq: Insecure Unserialize in TYPO3 Import/Export

Failing to properly validate incoming import data, the Import/Export component is susceptible to insecure unserialize. To exploit this vulnerability a valid backend user account is needed.

GHSA-86r8-4g3w-7xjp: Cross-Site Scripting in TYPO3 Backend

Failing to properly encode user input, some backend components are vulnerable to Cross-Site Scripting. A valid backend user account is needed to exploit this vulnerability.

GHSA-v5jp-4h2p-j2p4: Privilege Escalation in TYPO3 CMS

The workspace/ version preview link created by a privileged (backend) user could be abused to obtain certain editing permission, if the admin panel is configured to be shown. A valid preview link is required to exploit this vulnerability.

GHSA-5wx6-xwxf-q8qj: Cross-Site Scripting in TYPO3 Backend

Failing to properly encode user input, some backend components are vulnerable to Cross-Site Scripting. A valid backend user account is needed to exploit this vulnerability.

GHSA-4m3g-6r7g-jv4f: Arbitrary JavaScript execution due to using outdated libraries

### Summary gradio-pdf projects with dependencies on the pdf.js library are vulnerable to CVE-2024-4367, which allows arbitrary JavaScript execution. ### PoC 1. Generate a pdf file with a malicious script in the fontmatrix. (This will run `alert(‘XSS’)`.) [poc.pdf](https://github.com/user-attachments/files/15516798/poc.pdf) 2. Run the app. In this PoC, I've used the demo for a simple proof. ![1](https://github.com/freddyaboulton/gradio-pdf/assets/114328108/d1bb7626-3d0f-4984-8873-297658d6e77e) 3. Upload a PDF file containing the script. ![2](https://github.com/freddyaboulton/gradio-pdf/assets/114328108/803d8080-c946-446e-bb34-cf5640e1b4de) 4. Check that the script is running. ![3](https://github.com/freddyaboulton/gradio-pdf/assets/114328108/4956b95f-acca-4bb1-a3c2-7dfc96adf890) ### Impact Malicious scripts can be injected into the code, and when linked with vulnerabilities such as CSRF, it can cause even greater damage. In particular, It can become a source of further attacks, e...

GHSA-rhc2-23c2-ww7c: Remote code execution in web server context

### Impact User with administrative privileges and upload files that look like images but contain PHP code which can then be executed in the context of the web server.

GHSA-jmh9-6rjq-gjh9: Vulnerable embedded jQuery Version

### Summary PIMCore uses the JavaScript library jQuery in version 3.4.1. This version is vulnerable to cross-site-scripting (XSS). ### Details In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. Publish Date: 2020-04-29 URL:= https://security.snyk.io/package/npm/jquery/3.4.1

Hackers Leak 221,470 Users’ Data in “Tech in Asia” News Outlet Breach

A data breach at Tech in Asia has exposed the personal information of 221,470 users. Learn more about…