Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

GHSA-34q3-p352-c7q8: Central Dogma Authentication Bypass Vulnerability via Session Leakage

### Vulnerability Overview A vulnerability has been identified in Central Dogma versions prior to 0.64.0, allowing for the leakage of user sessions and subsequent authentication bypass. The issue stems from a Cross-Site Scripting (XSS) attack vector that targets the RelayState of Security Assertion Markup Language (SAML). ### Impact Successful exploitation of this vulnerability enables malicious actors to leak user sessions, leading to the compromise of authentication mechanisms. This, in turn, can facilitate unauthorized access to sensitive resources. ### Patches This vulnerability is addressed and resolved in Central Dogma version 0.64.0. Users are strongly encouraged to upgrade to this version or later to mitigate the risk associated with the authentication bypass. ### Workarounds No viable workarounds are currently available for this vulnerability. It is recommended to apply the provided patch promptly. ### References - [OASIS SAML v2.0 Errata 05](https://docs.oasis-open.org/se...

ghsa
Open in Source
#xss#vulnerability#auth
Grocy 4.0.2 Cross Site Request Forgery

Grocy versions 4.0.2 and below suffer from a cross site request forgery vulnerabilities.

GHSA-qfv2-3p2f-vg48: Duplicate Advisory: Central Dogma Authentication Bypass Vulnerability via Session Leakage

## Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-34q3-p352-c7q8. This link is maintained to preserve external references. ## Original Description Central Dogma versions prior to 0.64.0 is vulnerable to Cross-Site Scripting (XSS), which could allow for the leakage of user sessions and subsequent authentication bypass.

GHSA-547x-748v-vp6p: Dash apps vulnerable to Cross-site Scripting

Versions of the package dash-core-components before 2.13.0; all versions of the package dash-core-components; versions of the package dash before 2.15.0; all versions of the package dash-html-components; versions of the package dash-html-components before 2.0.16 are vulnerable to Cross-site Scripting (XSS) when the href of the a tag is controlled by an adversary. An authenticated attacker who stores a view that exploits this vulnerability could steal the data that's visible to another user who opens that view - not just the data already included on the page, but they could also, in theory, make additional requests and access other data accessible to this user. In some cases, they could also steal the access tokens of that user, which would allow the attacker to act as that user, including viewing other apps and resources hosted on the same server. **Note:** This is only exploitable in Dash apps that include some mechanism to store user input to be reloaded by a different user.

GHSA-vqxq-hvxw-9mv9: Statmic CMS vulnerable to account takeover via XSS and password reset link

### Impact HTML files crafted to look like jpg files are able to be uploaded, allowing for XSS. This affects: - front-end forms with asset fields without any mime type validation - asset fields in the control panel - asset browser in the control panel Additionally, if the XSS is crafted in a specific way, the "copy password reset link" feature may be exploited to gain access to a user's password reset token and gain access to their account. The authorized user is required to execute the XSS in order for the vulnerability to occur. ### Patches In versions 4.46.0 and 3.4.17, the XSS vulnerability has been patched, and the copy password reset link functionality has been disabled. (Users may still trigger password reset emails.) ### Credits Statamic thanks Niklas Schilling (discovery, analysis, coordination) from the SEC Consult Vulnerability Lab (https://www.sec-consult.com/) for responsibly reporting the identified issues and working with us as we addressed them.

November 2023 – January 2024: New Vulristics Features, 3 Months of Microsoft Patch Tuesdays and Linux Patch Wednesdays, Year 2023 in Review

Hello everyone! It has been 3 months since the last episode. I spent most of this time improving my Vulristics project. So in this episode, let’s take a look at what’s been done. Alternative video link (for Russia): https://vk.com/video-149273431_456239139 Also, let’s take a look at the Microsoft Patch Tuesdays vulnerabilities, Linux Patch Wednesdays vulnerabilities and […]

Red Hat Security Advisory 2024-0485-03

Red Hat Security Advisory 2024-0485-03 - Red Hat OpenShift Container Platform release 4.12.48 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a cross site scripting vulnerability.

GHSA-v5gq-qvjq-8p53: Grafana Cross-site Scripting (XSS)

Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links.

GHSA-6wh2-8hw7-jw94: Grafana XSS via adding a link in General feature

Grafana 5.3.1 has XSS via a link on the "Dashboard > All Panels > General" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.

GHSA-cmq2-j8v8-2q44: Grafana XSS in Dashboard Text Panel

Grafana 5.3.1 has XSS via the "Dashboard > Text Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.