#web

## Summary There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used with Rails >= 7.1.0. * Versions affected: 1.6.0 * Not affected: < 1.6.0 * Fixed versions: 1.6.1 ## Impact A possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer may allow an attacker to inject content if HTML5 sanitization is enabled and the application developer has overridden the sanitizer's allowed tags in the following way: - the "math", "mtext", "table", and "style" elements are allowed - and either "mglyph" or "malignmark" are allowed Code is only impacted if Rails is configured to use HTML5 sanitization, please see documentation for [`config.action_view.sanitizer_vendor`](https://guides.rubyonrails.org/configuring.html#config-action-view-sanitizer-vendor) and [`config.action_text.sanitizer_vendor`](https://guides.rubyonrails.org/configuring.html#config-action-text-sanitizer-vendor) for more information on these configuration opt...

## Summary There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used with Rails >= 7.1.0. * Versions affected: 1.6.0 * Not affected: < 1.6.0 * Fixed versions: 1.6.1 ## Impact A possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer may allow an attacker to inject content if HTML5 sanitization is enabled and the application developer has overridden the sanitizer's allowed tags in the following way: - the "math" and "style" elements are both explicitly allowed Code is only impacted if Rails is configured to use HTML5 sanitization, please see documentation for [`config.action_view.sanitizer_vendor`](https://guides.rubyonrails.org/configuring.html#config-action-view-sanitizer-vendor) and [`config.action_text.sanitizer_vendor`](https://guides.rubyonrails.org/configuring.html#config-action-text-sanitizer-vendor) for more information on these configuration options. The default configuration is to disallow these...

## Summary There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used with Rails >= 7.1.0 and Nokogiri < 1.15.7, or 1.16.x < 1.16.8. * Versions affected: 1.6.0 * Not affected: < 1.6.0 * Fixed versions: 1.6.1 Please note that the fix in v1.6.1 is to update the dependency on Nokogiri to 1.15.7 or >= 1.16.8. ## Impact A possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer may allow an attacker to inject content if HTML5 sanitization is enabled and the application developer has overridden the sanitizer's allowed tags in either of the following ways: * allow both "math" and "style" elements * or allow both "svg" and "style" elements Code is only impacted if Rails is configured to use HTML5 sanitization, please see documentation for [`config.action_view.sanitizer_vendor`](https://guides.rubyonrails.org/configuring.html#config-action-view-sanitizer-vendor) and [`config.action_text.sanitizer_vendor`](https://g...

Mongoose before 8.8.3 can improperly use $where in match.

AWS Security Incident Response will help security teams defend their organizations from account takeovers, breaches, ransomware attacks, and other types of security threats.

SUMMARY Cybersecurity researchers at Trustwave have discovered “Rockstar 2FA,” a phishing-as-a-service platform designed to help hackers and script…

Omada Identity versions prior to 15U1 and 14.14 hotfix #309 suffer from a persistent cross site scripting vulnerability.

### Impact This is not a vulnerability in the code per se, but included Varnish VCL templates enable compression of API and JSON messages. This is a potential case of the BREACH vulnerability, which affects HTTP compression, where secrets can be extracted through carefully crafted requests. The fix disables compression in these templates. Please make sure to make the same change in your configuration files, see the release notes for specific instructions. Please check your web server configuration as well. ### Patches - See "Patched versions". - https://github.com/ibexa/http-cache/commit/e03f683e8db53b6d253e1af8177befeecc8d3914 ### Workarounds Make sure HTTP compression is disabled for REST API requests and other communication that might contain secrets. ### References - Advisory: https://developers.ibexa.co/security-advisories/ibexa-sa-2024-006-vulnerabilities-in-content-name-pattern-commerce-shop-and-varnish-vhost-templates - Release notes: https://doc.ibexa.co/en/latest/update_an...

### Impact This is not a vulnerability in the code per se, but included Varnish VCL templates enable compression of API and JSON messages. This is a potential case of the BREACH vulnerability, which affects HTTP compression, where secrets can be extracted through carefully crafted requests. The fix disables compression in these templates. Please make sure to make the same change in your configuration files, see the release notes for specific instructions. Please check your web server configuration as well. ### Patches - See "Patched versions". - https://github.com/ezsystems/ezplatform-http-cache/commit/ca8a5cf69b2c14fbec90412aeeef5c755c51457b ### Workarounds Make sure HTTP compression is disabled for REST API requests and other communication that might contain secrets. ### References - Advisory: https://developers.ibexa.co/security-advisories/ibexa-sa-2024-006-vulnerabilities-in-content-name-pattern-commerce-shop-and-varnish-vhost-templates - Release notes: https://doc.ibexa.co/en/l...

Various Siemens products suffer from vulnerabilities. There is an unlocked JTAG Interface for Zynq-7000 on SM-2558 and a buffer overflow on the webserver of the SM-2558, CP-2016, and CP-2019 systems.