Security
Headlines
HeadlinesLatestCVEs

Tag

#web

GHSA-j24h-xcpc-9jw8: Eclipse IDE XXE in eclipse.platform

### Impact xml files like ".project" are parsed vulnerable against all sorts of XXE attacks. The user just needs to open any evil project or update an open project with a vulnerable file (for example for review a foreign repository or patch). Vulnerablility was found by static code analysis (SonarLint). Example `.project` file: ``` <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE price [ <!ENTITY xxe SYSTEM "http://127.0.0.1:49416/evil">]> <projectDescription> <name>p</name> <comment>&xxe;</comment> </projectDescription> ``` ### Patches Similar patches including junit test that shows the vulnerability have already applied to PDE (see https://github.com/eclipse-pde/eclipse.pde/pull/667). A solution to platform should be the same: just reject parsing any XML that contains any `DOCTYPE`. ### Workarounds No known workaround. User can only avoid to get/open any foreign files with eclipse. Firewall rules against loss of data (but not against XML bomb). ### References https://cwe.mit...

ghsa
#vulnerability#web#git#java#maven
Android Banking Malware FjordPhantom Steals Funds Via Virtualization

By Waqas Thus far, the FjordPhantom malware has defrauded victims of around $280,000 (£225,000). This is a post from HackRead.com Read the original post: Android Banking Malware FjordPhantom Steals Funds Via Virtualization

CVE-2023-6352: Tiff Server security update - Aquaforest

The default configuration of Aquaforest TIFF Server allows access to arbitrary file paths, subject to any restrictions imposed by Internet Information Services (IIS) or Microsoft Windows. Depending on how a web application uses and configures TIFF Server, a remote attacker may be able to enumerate files or directories, traverse directories, bypass authentication, or access restricted files.

CVE-2023-6342: Courts & Justice | Courts & Public Safety

Tyler Technologies Court Case Management Plus allows a remote attacker to authenticate as any user by manipulating at least the 'CmWebSearchPfp/Login.aspx?xyzldk=' and 'payforprint_CM/Redirector.ashx?userid=' parameters. The vulnerable "pay for print" feature was removed on or around 2023-11-01.

Feds Seize 'Sinbad' Crypto Mixer Used by North Korea's Lazarus

The prolific threat actor has laundered hundreds of millions of dollars in stolen virtual currency through the service.

CVE-2023-6438

A vulnerability classified as problematic has been found in Thecosy IceCMS 2.0.1. Affected is an unknown function of the file /WebArticle/articles/ of the component Like Handler. The manipulation leads to improper enforcement of a single, unique action. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-246438 is the identifier assigned to this vulnerability.

CVE-2023-38400: WordPress Enfold theme <= 5.6.4 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kriesi Enfold - Responsive Multi-Purpose Theme allows Reflected XSS.This issue affects Enfold - Responsive Multi-Purpose Theme: from n/a through 5.6.4.

CVE-2023-47521: WordPress Q2W3 Post Order plugin <= 1.2.8 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Max Bond, AndreSC Q2W3 Post Order allows Reflected XSS.This issue affects Q2W3 Post Order: from n/a through 1.2.8.

CVE-2023-47877: WordPress Perfmatters plugin <= 2.2.0 - Stored Cross Site Scripting (XSS) vulnerability - Patchstack

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Perfmatters allows Stored XSS.This issue affects Perfmatters: from n/a before 2.2.0.