#mac

### Impact Any user with view rights on commonly accessible documents including the icon picker macro can execute arbitrary Groovy, Python or Velocity code in XWiki due to improper neutralization of the macro parameters of the icon picker macro. The URL `<server>/xwiki/bin/view/Main?sheet=CKEditor.HTMLConverter&language=en&sourceSyntax=xwiki%252F2.1&stripHTMLEnvelope=true&fromHTML=false&toHTML=true&text=%7B%7BiconPicker%20id%3D%22'%3C%2Fscript%3E%7B%7B%2Fhtml%7D%7D%7B%7Bcache%7D%7D%7B%7Bgroovy%7D%7Dprintln(%2FHellofromIconPickerId%2F)%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fcache%7D%7D%22%20class%3D%22'%3C%2Fscript%3E%7B%7B%2Fhtml%7D%7D%7B%7Bcache%7D%7D%7B%7Bgroovy%7D%7Dprintln(%2FHellofromIconPickerClass%2F)%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fcache%7D%7D%22%2F%7D%7D` demonstrates the issue (replace `<server>` by the URL to your XWiki installation). If the output `HellofromIconPickerId` or `HellofromIconPickerClass` is visible, the XWiki installation is vulnerable (normally, all output should be conta...

### Impact Any user with the right to edit his personal page can follow one of the scenario below: **Scenario 1**: - Log in as a simple user with just edit rights on the user profile - Go to the user's profile - Upload an attachment in the attachment tab at the bottom of the page (any image is fine) - Click on "rename" in the attachment list and enter `{{async async="true" cached="false" context="doc.reference"}}{{groovy}}println("Hello from groovy!"){{/groovy}}{{/async}}.png` as new attachment name and submit the rename - Go back to the user profile - Click on the edit icon on the user avatar - `Hello from groovy!` is displayed as the title of the attachment **Scenario 2**: - Log in as a simple user with just edit rights on a page - Create a Page `MyPage.WebHome` - Create an XClass field of type String named `avatar` - Add an XObject of type `MyPage.WebHome` on the page - Insert an `attachmentSelector` macro in the document with the following values: - **classname**: `MyPage.WebHo...

An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V2 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and highly impactful, because the exploitation conforms to de facto DNS specifications and operational practices, and overcomes current mitigation patches for "Ghost" domain names.

A cross-site scripting (XSS) vulnerability in Beekeeper Studio v3.6.6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error modal container.

Luna Moth is relying solely on call-back phishing, as well as legitimate tools, to steal data and extract ransoms from victims of all stripes in an expanding cyberattack effort.

Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetWifiGuestBasic.

Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function addWifiMacFilter.

Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formWifiWpsStart.

Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetMacFilterCfg.

Tenda AC18 V15.03.05.05 is vulnerable to Buffer Overflow via function formSetDeviceName.