Security Headlines: Latest CVEs

Source: ghsa
GHSA-x3qh-53qf-jxq9: Jenkins Gitea Plugin vulnerable to Cleartext Transmission of Sensitive Information

In Jenkins Gitea Plugin 1.4.4 and earlier, Gitea personal access tokens were implemented without support for credentials masking, so a token could be printed in cleartext in the build log. Gitea Plugin 1.4.5 adds masking of Gitea personal access tokens. Administrators who cannot update are advised to use SSH checkout instead.

GHSA-cp9c-phxx-55xm: phpMyFAQ vulnerable to Cross-site Scripting

phpMyFAQ prior to version 3.1.9 is vulnerable to reflected Cross-site Scripting (XSS).

GHSA-rjf6-wj7r-5fj2: phpMyFAQ vulnerable to Cross-site Scripting

phpMyFAQ prior to version 3.1.9 is vulnerable to stored Cross-site Scripting (XSS).

GHSA-wpgc-5cr5-h9gg: phpMyFAQ has insecure HTTP cookies

phpMyFAQ versions prior to 3.1.9 set a sensitive cookie in an HTTPS session without the 'Secure' attribute (CWE-614), so a browser will also send it over plain HTTP.
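A small audit of Set-Cookie headers for the attribute the advisory is about, as an added example (not phpMyFAQ code). The header values and cookie names below are constructed; which cookies count as sensitive is still a judgement the reviewer makes.

```python
"""Check Set-Cookie headers for the Secure (and companion) attributes.

Added example, not phpMyFAQ code. The headers are constructed to show
the weakness class the advisory names (CWE-614): a session cookie sent
over HTTPS without Secure, which a browser will also send over plain HTTP.
"""
from typing import Dict, List

# Attributes a sensitive cookie should carry. Secure is what the advisory
# is about; HttpOnly and SameSite are the usual companions.
REQUIRED_ATTRS = ("secure", "httponly", "samesite")


def parse_set_cookie(header: str) -> Dict[str, object]:
    """Split one Set-Cookie header value into the cookie name and its attributes."""
    parts = [p.strip() for p in header.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {}
    for p in parts[1:]:
        if "=" in p:
            k, v = p.split("=", 1)
            attrs[k.strip().lower()] = v.strip()
        else:
            attrs[p.lower()] = True  # flag attribute such as Secure
    return {"name": name, "attrs": attrs}


def missing_attributes(header: str) -> List[str]:
    """Return which of REQUIRED_ATTRS a Set-Cookie header lacks (case-insensitive)."""
    attrs = parse_set_cookie(header)["attrs"]
    return [a for a in REQUIRED_ATTRS if a not in attrs]


def audit_cookies(headers: List[str]) -> Dict[str, List[str]]:
    """Map cookie name -> missing attributes for every header lacking at least one."""
    findings = {}
    for h in headers:
        missing = missing_attributes(h)
        if missing:
            findings[parse_set_cookie(h)["name"]] = missing
    return findings


# Constructed sample response headers (cookie names are assumptions).
SAMPLE_HEADERS = [
    "PHPSESSID=abc123; Path=/; HttpOnly",                        # no Secure
    "pmf_session=xyz; Path=/; Secure; HttpOnly; SameSite=Lax",   # fine
    "lang=en; Path=/",                                          # nothing set
]

if __name__ == "__main__":
    for name, missing in audit_cookies(SAMPLE_HEADERS).items():
        print(f"{name}: missing {', '.join(missing)}")
```

Run it against the Set-Cookie headers of a real login response to get the same per-cookie report.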

GHSA-w3x5-427h-wfq6: Spring Boot Admin's integrated notifier support allows arbitrary code execution

### Impact
All users who run Spring Boot Admin Server with Notifiers enabled (e.g. the Teams notifier) and write access to environment variables via the UI are potentially affected.

### Patches
Spring Boot Admin 2.6.10 and 2.7.8 fix the issue by evaluating notifier expressions in SpEL's `SimpleEvaluationContext`, which supports only a subset of the SpEL syntax and excludes Java type references, constructors and bean references. This prevents the arbitrary code execution (SpEL injection).

### Workarounds
* Disable any notifier
* Disable write access (POST requests) to the `/env` actuator endpoint

GHSA-w9wc-4xcq-8gr6: Akeneo PIM Community Edition vulnerable to remote PHP code execution

### Impact
Akeneo PIM Community Edition versions before v5.0.119 and v6.0.53 allow remote authenticated users to execute arbitrary PHP code on the server by uploading a crafted image.

### Patches
Akeneo PIM Community Edition from the versions named above ships a patched Apache HTTP server configuration file, for the docker setup and in the documentation sample, to fix this vulnerability. Community Edition users must change their Apache HTTP server configuration accordingly to be protected. The patch for Cloud Based Akeneo PIM Services customers has been applied since 30 October 2022.

### Workarounds
Replace any reference to `<FilesMatch \.php$>` in your Apache httpd configuration with `<Location "/index.php">`, as shown in https://github.com/akeneo/pim-community-dev/blob/b4d79bb073c8b68ea26ab227c97cc78d86c4cba1/docker/httpd.conf#L39. Scoping the PHP handler to the front controller means an uploaded file whose name ends in .php is no longer handed to the interpreter.
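The two handler scopes the workaround contrasts, side by side, as an added illustration rather than the project's own httpd.conf (the linked file at the commit above is the authoritative one). The php-fpm backend address is an assumption; substitute whatever your setup uses.

```apache
# Weak: every request path ending in .php, wherever the file lives under
# the document root, is handed to PHP. An uploaded file stored with a .php
# name is executed the moment someone requests it.
<FilesMatch \.php$>
    SetHandler "proxy:fcgi://127.0.0.1:9000"   # assumed php-fpm address
</FilesMatch>

# Hardened: only the front controller is ever handed to PHP. Location
# matches the URL path /index.php (and /index.php/... sub-paths used for
# routing); any other .php path gets no PHP handler and is not executed.
<Location "/index.php">
    SetHandler "proxy:fcgi://127.0.0.1:9000"   # assumed php-fpm address
</Location>
```

After the change, confirm with a request for a known uploaded .php path that the server no longer returns PHP output for it.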

GHSA-hc5g-xf64-j49j: Mingsoft MCMS vulnerable to SQL Injection

A vulnerability classified as critical was found in Mingsoft MCMS up to 5.2.9. It affects an unknown function of the file /cms/category/list: manipulation of the `sqlWhere` argument leads to SQL injection, and the attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 5.2.10 addresses this issue; upgrading the affected component is recommended. The identifier of this vulnerability is VDB-215196.
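What a caller-controlled WHERE clause gives an attacker, and one way to close it, as an added example that is not Mingsoft MCMS code. The advisory names only the request argument; the table layout, the query shape and the payload below are constructed, and the example runs against an in-memory SQLite database.

```python
"""SQL injection through a caller-supplied WHERE clause, beside a hardened form.

Added example, not Mingsoft MCMS code. The advisory only names the request
argument (sqlWhere on /cms/category/list); the schema, the query and the
payload here are constructed to show the bug class and one fix.
"""
import sqlite3
from typing import List, Tuple

# Constructed schema: the category table plus an unrelated table holding
# data the listing handler was never meant to expose.
SCHEMA = """
CREATE TABLE cms_category (id INTEGER, name TEXT, parent_id INTEGER);
CREATE TABLE manager (id INTEGER, username TEXT, password TEXT);
INSERT INTO cms_category VALUES (1, 'news', 0), (2, 'blog', 0);
INSERT INTO manager VALUES (1, 'admin', 'hunter2');
"""


def new_db() -> sqlite3.Connection:
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db


def list_categories_vulnerable(db: sqlite3.Connection, sql_where: str) -> List[Tuple]:
    """Vulnerable: the request argument is pasted into the statement as SQL text."""
    sql = "SELECT id, name FROM cms_category WHERE " + sql_where
    return db.execute(sql).fetchall()


# Hardened: the caller picks a column from an allow-list and supplies a
# value; the value travels as a bound parameter, never as SQL text.
FILTERABLE_COLUMNS = {"id", "name", "parent_id"}


def list_categories_safe(db: sqlite3.Connection, column: str, value) -> List[Tuple]:
    if column not in FILTERABLE_COLUMNS:
        raise ValueError(f"column not filterable: {column!r}")
    sql = f"SELECT id, name FROM cms_category WHERE {column} = ?"
    return db.execute(sql, (value,)).fetchall()


# Constructed payload: neutralises the intended predicate and appends a
# UNION that reads credentials out of the other table.
PAYLOAD = "1=0 UNION SELECT username, password FROM manager"

if __name__ == "__main__":
    db = new_db()
    print("vulnerable:", list_categories_vulnerable(db, PAYLOAD))
    print("safe:      ", list_categories_safe(db, "parent_id", 0))
    print("safe, payload as value:", list_categories_safe(db, "name", PAYLOAD))
```

The allow-list is what makes the column name safe to interpolate; the bound parameter is what makes the value safe. Dropping either reopens the hole.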

GHSA-gg8r-xjwq-4w92: Cross-site scripting vulnerability in TinyMCE alerts

### Impact
A cross-site scripting (XSS) vulnerability was discovered in the alert and confirm dialogs when these dialogs were provided with malicious HTML content. This can occur in plugins that use the alert or confirm dialogs, such as the `image` plugin, which presents these dialogs when certain errors occur. The vulnerability allowed arbitrary JavaScript execution when an alert was presented in the TinyMCE UI to the current user.

### Patches
This vulnerability has been patched in TinyMCE 5.10.7 and TinyMCE 6.3.1 by ensuring HTML sanitization is still performed after unwrapping invalid elements.

### Fix
To avoid this vulnerability:
- Upgrade to TinyMCE 5.10.7 or higher for TinyMCE 5.x.
- Upgrade to TinyMCE 6.3.1 or higher for TinyMCE 6.x.

### Workaround
To reduce the impact of this vulnerability:
- Ensure the `images_upload_handler` returns a valid value as per the [images_upload_handler](https://www.tiny.cloud/docs/tinymce/6/file-image-upload/#images_upload_handler) document...

GHSA-4crw-w8pw-2hmf: Buildah (as part of Podman) vulnerable to Link Following

A vulnerability was found in Buildah. Buildah followed symlinks when reading .containerignore and .dockerignore, so the contents of whatever file such a symlink pointed at could be read and disclosed.

GHSA-rprg-4v7q-87v7: Buildah (as part of Podman) vulnerable to Path Traversal

A flaw was found in Buildah. Because of incorrect handling of absolute path traversal, the local path and the lowest subdirectory may be disclosed, with an impact on confidentiality.
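A generic illustration of the two Buildah bug classes above, the symlinked ignore file (GHSA-4crw-w8pw-2hmf) and a path that resolves outside the build context (GHSA-rprg-4v7q-87v7), as an added example that is not Buildah code. The advisories do not say what was disclosed or how; the directory layout, file names and contents here are constructed in a temporary directory so the script runs anywhere.

```python
"""Reading a build-context file without following links out of the context.

Added example, not Buildah code. Shows the bug class the advisories name:
a context whose .containerignore is a symlink to a file outside it, and a
name that traverses out of the context. Layout and contents are constructed.
"""
import os
import tempfile
from pathlib import Path
from typing import Tuple


def read_ignore_naive(context: Path, name: str = ".containerignore") -> str:
    """Follows whatever the path points at: the bug class."""
    return (context / name).read_text()


def read_ignore_safe(context: Path, name: str = ".containerignore") -> str:
    """Refuse symlinks, and refuse any path whose real location leaves the context."""
    root = context.resolve()
    target = root / name
    if os.path.islink(target):
        raise PermissionError(f"{name} is a symlink; refusing to follow it")
    real = target.resolve()
    if root != real and root not in real.parents:
        raise PermissionError(f"{name} resolves outside the build context")
    return real.read_text()


def build_layout() -> Tuple[Path, Path]:
    """Constructed layout (assumed, for the demo):
    base/secret.txt                         file outside any build context
    base/context/.containerignore -> secret.txt   hostile context
    base/context2/.containerignore          honest context
    Returns (hostile_context, honest_context)."""
    base = Path(tempfile.mkdtemp())
    secret = base / "secret.txt"
    secret.write_text("api_token=constructed-secret-value\n")
    hostile = base / "context"
    hostile.mkdir()
    os.symlink(secret, hostile / ".containerignore")
    honest = base / "context2"
    honest.mkdir()
    (honest / ".containerignore").write_text("*.log\n.git\n")
    return hostile, honest


if __name__ == "__main__":
    bad_ctx, good_ctx = build_layout()
    print("naive read leaks:", read_ignore_naive(bad_ctx).strip())
    print("safe read, honest context:", read_ignore_safe(good_ctx).split())
    for ctx, name in ((bad_ctx, ".containerignore"), (good_ctx, "../secret.txt")):
        try:
            read_ignore_safe(ctx, name)
        except PermissionError as err:
            print("safe read refused:", err)
```

The symlink check and the containment check are both needed: a plain file reached through a symlinked parent directory passes `islink` on the leaf but fails the `parents` test, and a `..` segment passes `islink` yet resolves outside the root.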