#java

Pagefind initializes its dynamic JavaScript and WebAssembly files relative to the location of the first script you load. This information is gathered by looking up the value of `document.currentScript.src`. It is possible to "clobber" this lookup with otherwise benign HTML on the page, for example: ```html <img name="currentScript" src="blob:https://xxx.xxx.xxx/ui.js"></img> ``` This will cause `document.currentScript.src` to resolve as an external domain, which will then be used by Pagefind to load dependencies. This exploit would only work in the case that an attacker could inject HTML to your live, hosted, website. In these cases, this would act as a way to escalate the privilege available to an attacker. This assumes they have the ability to add some elements to the page (for example, `img` tags with a `name` attribute), but not others, as adding a `script` to the page would itself be the XSS vector. Pagefind has tightened this resolution by ensuring the source is loaded from a...

Taskhub version 2.8.8 suffers from an ignored default credential vulnerability.

Mobile users in Brazil are the target of a new malware campaign that delivers a new Android banking trojan named Rocinante. "This malware family is capable of performing keylogging using the Accessibility Service, and is also able to steal PII from its victims using phishing screens posing as different banks," Dutch security company ThreatFabric said. "Finally, it can use all this exfiltrated

Online Musical Instrument Shop IN version 1.0 suffers from a cross site scripting vulnerability.

Online Job Portal IN version 1.0 suffers from a remote SQL injection vulnerability.

Loan Management System 2024 version 1.0 suffers from an ignored default credential vulnerability.

This Metasploit module scans a JBoss instance for a few vulnerabilities.

ManageEngine Password Manager Pro (PMP) has an authenticated blind SQL injection vulnerability in SQLAdvancedALSearchResult.cc that can be abused to escalate privileges and obtain Super Administrator access. A Super Administrator can then use his privileges to dump the whole password database in CSV format. PMP can use both MySQL and PostgreSQL databases but this module only exploits the latter as MySQL does not support stacked queries with Java. PostgreSQL is the default database in v6.8 and above, but older PMP versions can be upgraded and continue using MySQL, so a higher version does not guarantee exploitability. This Metasploit module has been tested on v6.8 to v7.1 build 7104 on both Windows and Linux. The vulnerability is fixed in v7.1 build 7105 and above.

A recently patched security flaw in Google Chrome and other Chromium web browsers was exploited as a zero-day by North Korean actors in a campaign designed to deliver the FudModule rootkit. The development is indicative of the persistent efforts made by the nation-state adversary, which had made a habit of incorporating rafts of Windows zero-day exploits into its arsenal in recent months.

A flaw was found in Kroxylicious. When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server's hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perform a Man-in-the-Middle attack or compromise any external systems, such as DNS or network routing configuration. This issue is considered a high complexity attack, with additional high privileges required, as the attack would need access to the Kroxylicious configuration or a peer system. The result of a successful attack impacts both data integrity and confidentiality.