Tag
#vulnerability
By Waqas Concerned about a potential MFA bypass in Microsoft Azure Entra ID? This article explores the research, explains the vulnerability in context, and offers actionable steps to secure your organization. This is a post from HackRead.com Read the original post: Findings Show MFA Bypass in Microsoft Azure Entra ID Using Seamless SSO
Despite Cyber Army of Russia’s claims of swaying US “minds and hearts,” experts say the cyber sabotage group appears to be hyping its hacking for a domestic audience.
A high-severity flaw impacting the LiteSpeed Cache plugin for WordPress is being actively exploited by threat actors to create rogue admin accounts on susceptible websites. The findings come from WPScan, which said that the vulnerability (CVE-2023-40000, CVSS score: 8.3) has been leveraged to set up bogus admin users with the names wpsupp‑user
The Cypher component in Neo4j before 5.19.0 mishandles IMMUTABLE privileges.
A vulnerability was found in Kimai up to 2.15.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Session Handler. The manipulation of the argument PHPSESSIONID leads to information disclosure. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. Upgrading to version 2.16.0 is able to address this issue. It is recommended to upgrade the affected component. VDB-263318 is the identifier assigned to this vulnerability.
Cross-site scripting (XSS) vulnerability in the search function in MvnRepository MS Basic 2.1.18.3 and earlier.
By Waqas In a major blow to ransomware, international law enforcement has unmasked Dmitry Yuryevich Khoroshev, the leader of LockBit ransomware. Learn about the takedown, sanctions imposed, and the future of LockBit in a post-Khoroshev era. This is a post from HackRead.com Read the original post: Feds Unmask LockBit Ransomware Leader as Dmitry Yuryevich Khoroshev
The Trix editor, versions prior to 2.1.1, is vulnerable to arbitrary code execution when copying and pasting content from the web or other documents with markup into the editor. The vulnerability stems from improper sanitization of pasted content, allowing an attacker to embed malicious scripts which are executed within the context of the application. **Vulnerable Versions**: Up to 2.1.0 **Fixed Version**: 2.1.1 **Vector**: - **Bug 1**: When copying content manipulated by a script, such as: ```js document.addEventListener('copy', function(e){ e.clipboardData.setData('text/html', '<div><noscript><div class="123</noscript>456<img src=1 onerror=alert(1)//"></div></noscript></div>'); e.preventDefault(); }); ``` and pasting into the Trix editor, the script within the content is executed. - **Bug 2**: Similar execution occurs with content structured as: ```js document.write(`copy<div data-trix-attachment="{"contentType":"text/html","content":"&l...
### Summary If PDF.js is used to load a malicious PDF, and PDF.js is configured with `isEvalSupported` set to `true` (which is the default value), unrestricted attacker-controlled JavaScript will be executed in the context of the hosting domain. ### Patches [This patch](https://github.com/wojtekmaj/react-pdf/commit/671e6eaa2e373e404040c13cc6b668fe39839cad) forces `isEvalSupported` to `false`, removing the attack vector. ### Workarounds Set `options.isEvalSupported` to `false`, where `options` is `Document` component prop. ### References - [GHSA-wgrm-67xf-hhpq](https://github.com/mozilla/pdf.js/security/advisories/GHSA-wgrm-67xf-hhpq) - https://github.com/mozilla/pdf.js/pull/18015 - https://github.com/mozilla/pdf.js/commit/85e64b5c16c9aaef738f421733c12911a441cec6 - https://bugzilla.mozilla.org/show_bug.cgi?id=1893645
An issue in tiagorlampert CHAOS before 1b451cf62582295b7225caf5a7b506f0bad56f6b and 24c9e109b5be34df7b2bce8368eae669c481ed5e allows a remote attacker to execute arbitrary code via the unsafe concatenation of the `filename` argument into the `buildStr` string without any sanitization or filtering.