Security
Headlines
HeadlinesLatestCVEs

Tag

#git

GHSA-3vmm-7h4j-69rm: TYPO3 vulnerable to Weak Authentication in Session Handling

> ### CVSS: `CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N/E:X/RL:O/RC:C` (4.0) ### Problem Given that there are at least two different sites in the same TYPO3 installation - for instance _first.example.org_ and _second.example.com_ - then a session cookie generated for the first site can be reused on the second site without requiring additional authentication. This vulnerability primarily affects the frontend of the website. It's important to note that exploiting this vulnerability requires a valid user account. ### Solution Update to TYPO3 versions 8.7.55 ELTS, 9.5.44 ELTS, 10.4.41 ELTS, 11.5.33, 12.4.8 that fix the problem described above. ### Credits Thanks to Rémy Daniel who reported this issue, and to TYPO3 core & security team member Benjamin Franzke who fixed the issue. ### References * [TYPO3-CORE-SA-2023-006](https://typo3.org/security/advisory/typo3-core-sa-2023-006)

ghsa
Open in Source
#vulnerability#web#git#auth
GHSA-6hjj-gq77-j4qw: Label Studio Object Relational Mapper Leak Vulnerability in Filtering Task

# Introduction This write-up describes a vulnerability found in [Label Studio](https://github.com/HumanSignal/label-studio), a popular open source data labeling tool. The vulnerability affects all versions of Label Studio prior to `1.9.2post0` and was tested on version `1.8.2`. # Overview In all current versions of [Label Studio](https://github.com/HumanSignal/label-studio), the application allows users to insecurely set filters for filtering tasks. An attacker can construct a *filter chain* to filter tasks based on sensitive fields for all user accounts on the platform by exploiting Django's Object Relational Mapper (ORM). Since the results of query can be manipulated by the ORM filter, an attacker can leak these sensitive fields character by character. For an example, the following filter chain will task results by the password hash of an account on Label Studio. ``` filter:tasks:updated_by__active_organization__active_users__password ``` For consistency, this type of vulnerabil...

CVE-2023-6130

Path Traversal: '\..\filename' in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.

CVE-2023-48094: CesiumJS v1.111 DOM based XSS

A cross-site scripting (XSS) vulnerability in CesiumJS v1.111 allows attackers to execute arbitrary code in the context of the victim's browser via sending a crafted payload to /container_files/public_html/doc/index.html.

CVE-2023-6131

Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.

CVE-2023-6127: File Upload caused XSS (Import account) in suitecrm

Unrestricted Upload of File with Dangerous Type in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.

CVE-2023-6128

Cross-site Scripting (XSS) - Reflected in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.

CVE-2023-6125: JavaScript Code Execution in PDF in suitecrm

Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.

CVE-2023-6126: HTML injection in Tittle in suitecrm

Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.

CISA Has a New Road Map for Handling Weaponized AI

In its plans to implement a White House executive order, CISA aims to strike a balance between promoting AI adoption for national security and defending against its malicious use.