The Fancy Product Designer WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the ID parameter found in the ~/inc/api/class-view.php file which allows attackers with administrative level permissions to inject arbitrary SQL queries to obtain sensitive information, in versions up to and including 4.7.4.

CVE-2021-4134: Vulnerability Advisories - Wordfence

Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.

CVE-2022-0612

In FileCloud before 21.3, the CSV user import functionality is vulnerable to Cross-Site Request Forgery (CSRF).

Um Unternehmen vor Hackern und Kriminellen zu schützen, müssen wir sicherstellen, dass unsere Fähigkeiten und Kenntnisse stets auf dem neuesten Stand sind. Deshalb ist die Sicherheitsforschung für unsere Arbeit ebenso wichtig wie der Aufbau einer Security Community zur Förderung des Wissensaustausches. Denn mehr Sicherheit kann nur erreicht werden, wenn viele sie zu ihrer Aufgabe machen.

Unsere CST Academy und das usd HeroLab sind wesentliche Bestandteile unserer Sicherheitsmission. Das Wissen, das wir in unserer praktischen Arbeit und durch unsere Forschung gewinnen, teilen wir in Schulungen und Publikationen. In diesem Zusammenhang veröffentlicht das usd HeroLab eine Reihe von Beiträgen zu aktuellen Schwachstellen und Sicherheitsproblemen – stets im Einklang mit den Leitsätzen unserer Responsible Disclosure Policy.

Immer im Namen unserer Mission: „more security“.

Hier finden Sie die Security Advisories der vergangenen Monate:

**09/2020**

**!!nicht bearbeiten!!**

Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.

**usd-2020-0048 (CVE-2020-24708) | Gophish**

Product: Gophish, Affected Version: v0.10.1  
Vulnerability Type: Stored Cross-Site Scripting

More details: usd-2020-0048 (CVE-2020-24708)

**usd-2020-0049 (CVE-2020-24709) | Gophish**

Product: Gophish, Affected Version: v0.10.1  
Vulnerability Type: Stored Cross-Site Scripting

More details: usd-2020-0049 (CVE-2020-24709)

**usd-2020-0050 (CVE-2020-24712) | Gophish**

Product: Gophish, Affected Version: v0.10.1  
Vulnerability Type: non-persistent self Cross-Site Scripting

More details: usd-2020-0050 (CVE-2020-24712)

**usd-2020-0051 (CVE-2020-24711) | Gophish**

Product: Gophish, Affected Version: v0.10.1  
Vulnerability Type: Improper Restriction of Rendered UI Layers or Frames

More details: usd-2020-0051 (CVE-2020-24711)

**usd-2020-0052 (CVE-2020-24707) | Gophish**

Product: Gophish, Affected Version: v0.10.1  
Vulnerability Type: CSV Injection

More details: usd-2020-0052 (CVE-2020-24707)

**usd-2020-0053 (CVE-2020-24713) | Gophish**

Product: Gophish, Affected Version: v0.10.1  
Vulnerability Type: Insufficient Session Expiration

More details: usd-2020-0053 (CVE-2020-24713)

**usd-2020-0054 (CVE-2020-24710) | Gophish**

Product: Gophish, Affected Version: v0.10.1  
Vulnerability Type: Stored Cross-Site Scripting

More details: usd-2020-0054 (CVE-2020-24710)

**usd-2020-0059 (CVE-2020-15862) | Net-SNMP**

Product: Net-SNMP, Affected Version: 5.7.3  
Vulnerability Type: Elevation of Privileges

More details: usd-2020-0059 (CVE-2020-15862)

**usd-2020-0060 (CVE-2020-15861) | Net-SNMP**

Product: Net-SNMP, Affected Version: 5.7.3  
Vulnerability Type: Elevation of Privileges

More details: usd-2020-0060 (CVE-2020-15861)

**07/2019**

**!!nicht bearbeiten!!**

Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.

**usd-2019-0001 | Adobe Experience Manager (AEM)**

Product: Adobe Experience Manager (AEM), Affected Version: 6.3.2.2  
Vulnerability Type: Code Injection

More details: usd-2019-0001

**usd-2019-0002 | feeling4design Super Forms**

Product: feeling4design Super Forms, Affected Version: Drag & Drop Form Builder/1.0.0 – 4.4.8  
Vulnerability Type: Path Traversal

More details: usd-2019-0002

**usd-2019-0003 | feeling4design Super Forms**

Product: feeling4design Super Forms, Affected Version: Drag & Drop Form Builder/1.6.1 – 4.4.8  
Vulnerability Type: Missing Server Side File Type Validation

More details: usd-2019-0003

**usd-2019-0014 | Oracle Transportation Management (OTM)**

Product: Oracle Transportation Management (OTM), Affected Version: 6.4.3  
Vulnerability Type: Reflected XSS

More details: usd-2019-0014

**usd-2019-0015 | Bitbucket**

Product: Bitbucket, Affected Version: 5.10.1  
Vulnerability Type: Broken Access Control

More details: usd-2019-0015

**usd-2019-0017 | Bitbucket**

Product: Bitbucket, Affected Version: 5.10.1  
Vulnerability Type: Sensitive Data Exposure/Credentials Disclosure

More details: usd-2019-0017

**usd-2019-0018 | Bitbucket**

Product: Bitbucket, Affected Version: 5.10.1  
Vulnerability Type: User Enumeration

More details: usd-2019-0018

**usd-2019-0019 | Bitbucket**

Product: Bitbucket, Affected Version: 5.10.1  
Vulnerability Type: File Enumeration

More details: usd-2019-0019

**usd-2019-0020 | Bitbucket**

Product: Bitbucket, Affected Version: 5.10.1  
Vulnerability Type: Sensitive Data in URL

More details: usd-2019-0020

**12/2018**

**Ihr Titel**

Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.

**usd-2018-0024 | Shpock App**

Product: Shpock App, Affected Version: Shpock App for Andriod & Iphone  
Vulnerability Type: Username Enumeration

More details: usd-2018-0024

**usd-2018-0025 (CVE-2018-7750) | SEP sesam**

Product: SEP sesam, Affected Version: 4.4.3.61  
Vulnerability Type: Authentication Bypass

More details: usd-2018-0025 (CVE-2018-7750)

**usd-2018-0026 (CVE-2018-18245) | Nagios Core**

Product: Nagios Core, Affected Version: 4.4.2  
Vulnerability Type: Stored XSS

More details: usd-2018-0026 (CVE-2018-18245)

**usd-2018-0027 (CVE-2018-18246) | Icinga Web 2**

Product: Icinga Web 2, Affected Version: 2.6.1  
Vulnerability Type: CSRF

More details: usd-2018-0027 (CVE-2018-18246)

**usd-2018-0028 (CVE-2018-18248) | Icinga Web 2**

Product: Icinga Web 2, Affected Version: 2.6.1  
Vulnerability Type: Reflected XSS

More details: usd-2018-0028 (CVE-2018-18248)

**usd-2018-0029 (CVE-2018-18247) | Icinga Web 2**

Product: Icinga Web 2, Affected Version: 2.6.1  
Vulnerability Type: Stored XSS

More details: usd-2018-0029 (CVE-2018-18247)

**usd-2018-0030 (CVE-2018-18249, CVE-2018-18250) | Icinga Web 2**

Product: Icinga Web 2, Affected Version: 2.6.1  
Vulnerability Type: Denial of Service, Sensitive Data disclosure

More details: usd-2018-0030 (CVE-2018-18249, CVE-2018-18250)

**usd-2018-0031 (CVE-2018-13376) | Fortigate 900D**

Product: Fortigate 900D, Affected Version: FW: V. 5.6.2 Build 1486 (GA)  
Vulnerability Type: Sensitive Data disclosure

More details: usd-2018-0031 (CVE-2018-13376)

CVE-2022-25241: Security Advisories - usd HeroLab

A reflected cross-site scripting (XSS) in ScratchOAuth2 before commit 1603f04e44ef67dde6ccffe866d2dca16defb293 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request.

Permalink

Browse files

SECURITY: Escape username in invalid username error

POST request with invalid usernames to SpecialScratchOAuth2 page in 
ScratchOAuth2 may lead to reflected cross-site scripting.

*   Loading branch information

![@apple502j](https://avatars.githubusercontent.com/u/33279053?s=40&v=4)

1 parent d856dc7 commit 1603f04e44ef67dde6ccffe866d2dca16defb293

Showing with **1 addition** and **1 deletion**.

1.  +1 −1 includes/special/SpecialScratchOAuth2.php

@@ -69,7 +69,7 @@ public function specialLogin( $error = null ) {

$username = $request\->getVal( 'username', '', );

if (!preg\_match(SOA2\_USERNAME\_REGEX, $username)) {

$this\->specialLogin(

wfMessage('soa2-invalid-username', $username)->plain()

wfMessage('soa2-invalid-username')->plaintextParams($username)->parse()

);

return;

}

**0 comments on commit `1603f04`**

Please sign in to comment.

CVE-2021-46251: SECURITY: Escape username in invalid username error · ScratchVerifier/ScratchOAuth2@1603f04

Missing permission checks in Jenkins Checkmarx Plugin 2022.1.2 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

CVE-2022-25201: Jenkins Security Advisory 2022-02-15

A cross-site request forgery (CSRF) vulnerability in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials.

CVE-2022-25198: Jenkins Security Advisory 2022-02-15

Jenkins Fortify Plugin 20.2.34 and earlier does not sanitize the appName and appVersion parameters of its Pipeline steps, allowing attackers with Item/Configure permission to write or overwrite .xml files on the Jenkins controller file system with content not controllable by the attacker.

CVE-2022-25188: Jenkins Security Advisory 2022-02-15

A sandbox bypass vulnerability in Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier allows attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM through crafted SCM contents, if a global Pipeline library already exists.

CVE-2022-25181: Jenkins Security Advisory 2022-02-15

Jenkins HashiCorp Vault Plugin 3.8.0 and earlier implements functionality that allows agent processes to retrieve any Vault secrets for use on the agent, allowing attackers able to control agent processes to obtain Vault secrets for an attacker-specified path and key.

CVE-2022-25186: Jenkins Security Advisory 2022-02-15

Jenkins GitLab Authentication Plugin 1.13 and earlier records the HTTP Referer header as part of the URL query parameters when the authentication process starts, allowing attackers with access to Jenkins to craft a URL that will redirect users to an attacker-specified URL after logging in.

Tag

#xss