GHSA-75jv-vfxf-3865: Assemblyline 4 service client vulnerable to Arbitrary Write through path traversal in Client code 

GHSA-p9qm-p942-q3w5: XWiki Platform vulnerable to SQL injection through XWiki#searchDocuments API

GHSA-m837-g268-mmv7: Node-SAML SAML Authentication Bypass

GHSA-vr59-gm53-v7cq: XWiki Platform vulnerable to SQL injection through getdeleteddocuments.vm template sort parameter

GHSA-526j-mv3p-f4vv: eKuiper API endpoints handling SQL queries with user-controlled table names. 

### Impact
Much like https://github.com/vantage6/vantage6/security/advisories/GHSA-45gq-q4xh-cp53, it is possible to find which usernames exist in vantage6 by calling the API routes `/recover/lost` and `/2fa/lost`, which send emails to users if they have lost their password or MFA token. Usernames can be found by assessing response time differences, and additionally, they can be found because the endpoint gives a response "Failed to login" if the username exists.

### Patches
No

### Workarounds
No

**vantage6 vulnerable to a username timing attack on recover password/MFA token**

Moderate severity GitHub Reviewed Published Mar 14, 2024 in vantage6/vantage6 • Updated Mar 15, 2024

Headline

GHSA-5h3x-6gwf-73jm: vantage6 vulnerable to a username timing attack on recover password/MFA token

Impact

Patches

Workarounds

ghsa: Latest News