Tag
#chrome
**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 136.0.3240.50 5/1/2025 136.0.7103.49
Cybercriminals are having less success targeting end-user technology with zero-day attacks, said Google's security team this week.
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
### Summary The request to commence a site backup can be performed without authentication. Then these backups can also be downloaded without authentication. The archives are created with a predictable filename, so a malicious user could create an archive and then download the archive without being authenticated. ### Details Create an installation using the instructions found in the docker folder of the repository, setup the site, and then send the request to create an archive, which you do not need to be authenticated for: ``` POST /?api/archives HTTP/1.1 Host: localhost:8085 action=startArchive¶ms%5Bsavefiles%5D=true¶ms%5Bsavedatabase%5D=true&callAsync=true ``` Then to retrieve it, make a simple `GET` request like to the correct URL: ``` http://localhost:8085/?api/archives/2025-04-12T14-34-01_archive.zip ``` A malicious attacker could simply fuzz this filename. ### PoC Here is a python script to fuzz this: ``` #!/usr/bin/env python3 import requests import argpars...
### Summary Reflected XSS has been detected in the file upload form. Vulnerability can be exploited without authentication This Proof of Concept has been performed using the followings: - YesWiki v4.5.3 (doryphore-dev branch) - Docker environnment (docker/docker-compose.yml) ### Vulnerable code The vulnerability is located in the [file](https://github.com/YesWiki/yeswiki/blob/6894234bbde6ab168bf4253f9a581bd24bf53766/tools/attach/libs/attach.lib.php#L724-L735) ``` public function showUploadForm() { $this->file = $_GET['file']; echo '<h3>' . _t('ATTACH_UPLOAD_FORM_FOR_FILE') . ' ' . $this->file . "</h3>\n"; echo '<form enctype="multipart/form-data" name="frmUpload" method="POST" action="' . $this->wiki->href('upload', $this->wiki->GetPageTag()) . "\">\n" . ' <input type="hidden" name="wiki" value="' . $this->wiki->GetPageTag() . "/upload\" />\n" . ' <input type="hidden" name="MAX_FILE_SIZE" value="' . ...
AI search service Perplexity AI doesn't just want you using its app—it wants to take over your web browsing experience too.
AI search service Perplexity AI doesn't just want you using its app—it wants to take over your web browsing experience too.
Plus: Cybercriminals stole a record-breaking fortune from US residents and businesses in 2024, and Google performs its final flip-flop in its yearslong quest to kill tracking cookies.
Free up space on your iPhone fast. Learn 5 proven ways to clear storage, remove clutter, and manage photos, apps, and files with no gimmicks, just results.
Google on Tuesday revealed that it will no longer offer a standalone prompt for third-party cookies in its Chrome browser as part of its Privacy Sandbox initiative. "We've made the decision to maintain our current approach to offering users third-party cookie choice in Chrome, and will not be rolling out a new standalone prompt for third-party cookies," Anthony Chavez, vice president of Privacy