#jira

### Impact The REST API exposes the history of any page in XWiki of which the attacker knows the name. The exposed information includes for each modification of the page the time of the modification, the version number, the author of the modification (both username and displayed name) and the version comment. This information is exposed regardless of the rights setup, and even when the wiki is configured to be fully private. On a private wiki, this can be tested by accessing `/xwiki/rest/wikis/xwiki/spaces/Main/pages/WebHome/history`, if this shows the history of the main page then the installation is vulnerable. ### Patches This has been patched in XWiki 15.10.9 and XWiki 16.3.0RC1. ### Workarounds There aren't any known workarounds apart from upgrading to a fixed version. ### References * https://jira.xwiki.org/browse/XWIKI-22052 * https://github.com/xwiki/xwiki-platform/commit/9cbca9808300797c67779bb9a665d85cf9e3d4b8

In the digital realm, secrets (API keys, private keys, username and password combos, etc.) are the keys to the kingdom. But what if those keys were accidentally left out in the open in the very tools we use to collaborate every day? A Single Secret Can Wreak Havoc Imagine this: It's a typical Tuesday in June 2024. Your dev team is knee-deep in sprints, Jira tickets are flying, and Slack is

Nowadays, sensitive and critical data is traveling in everyday business channels that offer only the basic level of security and encryption, and companies are often oblivious to the risk. A case in point: Disney suffered a devastating data leak by a hacktivist group known as NullBulge that got hold of over 1.2 terabytes of data from Disney's internal Slack messaging channels. The breach exposed

### Impact A user without script/programming right can trick a user with elevated rights to edit a content with a malicious payload using a WYSIWYG editor. The user with elevated rights is not warned beforehand that they are going to edit possibly dangerous content. The payload is executed at edit time. ### Patches This vulnerability has been patched in XWiki 15.10RC1. ### Workarounds No workaround. It is advised to upgrade to XWiki 15.10+. ### References * https://jira.xwiki.org/browse/XWIKI-20331 * https://jira.xwiki.org/browse/XWIKI-21311 * https://jira.xwiki.org/browse/XWIKI-21481 * https://jira.xwiki.org/browse/XWIKI-21482 * https://jira.xwiki.org/browse/XWIKI-21483 * https://jira.xwiki.org/browse/XWIKI-21484 * https://jira.xwiki.org/browse/XWIKI-21485 * https://jira.xwiki.org/browse/XWIKI-21486 * https://jira.xwiki.org/browse/XWIKI-21487 * https://jira.xwiki.org/browse/XWIKI-21488 * https://jira.xwiki.org/browse/XWIKI-21489 * https://jira.xwiki.org/browse/XWIKI-21490 ### ...

### Impact Is it possible for a user without Script or Programming rights to craft a URL pointing to a page with arbitrary JavaScript. This requires social engineer to trick a user to follow the URL. #### Reproduction steps 1. As a user without script or programming right, create a (non-terminal) document named `" + alert(1) + "` (the quotes need to be part of the name). 1. Edit the class. 1. Add a string property named `"test"`. 1. Edit using the object editor and add an object of the created class 1. Get an admin to open `<xwiki-server>/xwiki/bin/view/%22%20%2B%20alert(1)%20%2B%20%22/?viewer=display&type=object&property=%22%20%2B%20alert(1)%20%2B%20%22.WebHome.test&mode=edit` where `<xwiki-server>` is the URL of your XWiki installation. ### Patches This has been patched in XWiki 14.10.21, 15.5.5, 15.10.6 and 16.0.0. ### Workarounds We're not aware of any workaround except upgrading. ### References - https://jira.xwiki.org/browse/XWIKI-21810 - https://github.com/xwiki/xwiki-plat...

Red Hat Security Advisory 2024-5365-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include double free and null pointer vulnerabilities.

Red Hat Security Advisory 2024-5364-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include double free, memory leak, and null pointer vulnerabilities.

Red Hat Security Advisory 2024-5256-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include code execution, denial of service, and use-after-free vulnerabilities.

Black Hat presentation reveals adversaries don't need to complete all seven stages of a traditional kill chain to achieve their objectives.

The enterprise resource planning platform bug CVE-2024-38856 has a vulnerability-severity score of 9.8 out of 10 on the CVSS scale and offers a wide avenue into enterprise applications for cyberattackers.