#web

Because of an authentication flaw an attacker would be capable of generating a web report that discloses sensitive information such as internal IP addresses, usernames, store names and other sensitive information.

Categories: Personal Tags: chrome Tags: browser Tags: rogue Tags: malicious Tags: malware Tags: extension Tags: remove Tags: delete Tags: uninstall We take a look at news that Chrome will soon start asking users if they want to remove outdated extensions. (Read more...) The post Chrome will soon start removing extensions that may be unsafe appeared first on Malwarebytes Labs.

Categories: News Tags: QR codes Tags: attachment Tags: phishing Tags: Bing Tags: Microsoft Tags: credentials Researchers have been monitoring a phishing campaign that uses QR codes and Bing redirects to lead targets to phishing sites. (Read more...) The post QR codes used to phish for Microsoft credentials appeared first on Malwarebytes Labs.

# Description wallabag was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily reset annotations, entries and tags, by the GET request to `/reset/annotations`, `/reset/entries`, `/reset/tags`, `/reset/archived`. This vulnerability has a CVSSv3.1 score of 4.3. **You should immediately patch your instance to version 2.6.3 or higher if you have more than one user and/or having open registration**. # Resolution These actions are now doable only via POST method, which ensures that we can't do them via a 3rd-party website. # Credits We would like to thank @zpbrent for reporting this issue through huntr.dev. Reference: https://huntr.dev/bounties/4ee0ef74-e4d4-46e7-a05c-076bce522299/

# Description wallabag was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily delete API key via `/developer/client/delete/{id}` This vulnerability has a CVSSv3.1 score of 6.5. **You should immediately patch your instance to version 2.6.3 or higher if you have more than one user and/or having open registration**. # Resolution This action is now doable only via POST method, which ensures that we can't do it via a 3rd-party website. # Credits We would like to thank @tht1997 for reporting this issue through huntr.dev. Reference: https://huntr.dev/bounties/5ab1b206-5fe8-4737-b275-d705e76f193a/

### Impact Any registered user can exploit a stored XSS through their user profile by setting the payload as the value of the time zone user preference. Even though the time zone is selected from a drop down (no free text value) it can still be set from JavaScript (using the browser developer tools) or by calling the save URL on the user profile with the right query string. Once the time zone is set it is displayed without escaping which means the payload gets executed for any user that visits the malicious user profile, allowing the attacker to steal information and even gain more access rights (escalation to programming rights). The problem is present [since version 4.1M2](https://jira.xwiki.org/browse/XWIKI-7847) when the time zone user preference was introduced. ### Patches The issue has been fixed in XWiki 14.10.5 and 15.1RC1 by https://github.com/xwiki/xwiki-platform/commit/d11ca5d781f8a42a85bc98eb82306c1431e764d4 . The main fix is in the [``displayer_timezone.vm``](https://g...

An update is now available for Red Hat Ansible Automation Platform 2.4 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24580: A memory exhaustion flaw was found in the python-django package. This issue occurs when passing certain inputs, leading to a system crash and denial of service. * CVE-2023-36053: A regular expression denial of service vulnerability has been found in Django. Email and URL validators are vulnerable to this flaw when processing a very large number o...

Academy LMS version 6.1 suffers from an upload vulnerability that could lead to persistent cross site scripting attacks.

Credit Lite version 1.5.4 suffers from a remote SQL injection vulnerability.

Ubuntu Security Notice 6267-3 - USN-6267-1 fixed vulnerabilities and USN-6267-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Max Vlasov discovered that Firefox Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy. Alexander Guryanov discovered that Firefox did not properly update the value of a global variable in WASM JIT analysis in some circumstances. An attacker could potentially exploit this issue to cause a denial of service. Mark Brand discovered that Firefox did not properly validate the size of an untrusted input strea...