ghsa

### Impact This security advisory is about the user settings, which include things like preferred time zone and number of items per page in item listings. These could be accessed by the anonymous user. This impacted only the anonymous users themselves, and had no impact on logged in users. As such the impact is limited, even if custom user settings have been added, but please consider if this matters for your site. The fix ensures that only logged in users can access their user settings. ### References https://developers.ibexa.co/security-advisories/ibexa-sa-2023-002-user-settings-are-accessible-on-the-front-end-for-the-anonymous-user

The n8n package prior to 0.216.1 for Node.js allows Escalation of Privileges.

The n8n package prior to 0.216.1 for Node.js allows Information Disclosure.

The n8n package prior to version 0.216.1 for Node.js allows Directory Traversal.

## Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-m6m9-gr85-79vm. This link is maintained to preserve external references. ## Original Description Cross-site Scripting (XSS) - DOM in GitHub repository pimcore/pimcore prior to 10.5.21.

## Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-q7cc-m6jw-m262. This link is maintained to preserve external references. ## Original DescriptionCross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21.

## Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-mhpj-7m7h-8p6x. This link is maintained to preserve external references. ## Original Description Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.21.

All versions of the package m.static are vulnerable to Directory Traversal due to improper input sanitization of the path being requested via the requestFile function.

### Impact There is an issue with the implementation of fine-grained access control rules (document-level security, field-level security and field masking) where they are not correctly applied to the queries during extremely rare race conditions potentially leading to incorrect access authorization. For this issue to be triggered, two concurrent requests need to land on the same instance exactly when query cache eviction happens, once every four hours. ### Affected versions OpenSearch 1.0.0-1.3.9 and 2.0.0-2.6.0 ### Patched versions OpenSearch 1.3.10 and 2.7.0 ### For more information If you have any questions or comments about this advisory, please contact AWS/Amazon Security via our issue reporting page (https://aws.amazon.com/security/vulnerability-reporting/) or directly via email to aws-security@amazon.com. Please do not create a public GitHub issue.

### Impact The HTML sanitizer, introduced in version 14.6-rc-1, allowed the injection of arbitrary HTML code and thus cross-site scripting via invalid data attributes. This can be exploited, e.g., via the link syntax in any content that supports XWiki syntax like comments in XWiki: ``` [[Link1>>https://XWiki.example.com||data-x/onmouseover="alert('XSS1')"]]. ``` When a user moves the mouse over this link, the malicious JavaScript code is executed in the context of the user session. When this user is a privileged user who has programming rights, this allows server-side code execution with programming rights, impacting the confidentiality, integrity and availability of the XWiki instance. Note that this vulnerability does not affect restricted cleaning in HTMLCleaner as there attributes are cleaned and thus characters like `/` and `>` are removed in all attribute names. ### Patches This problem has been patched in XWiki 14.10.4 and 15.0 RC1 by making sure that data attributes only c...