A vulnerability was found in SourceCodester Product Show Room Site 1.0. It has been declared as problematic. This vulnerability affects p=contact. The manipulation of the Message textbox with the input <script>alert(1)</script> leads to cross site scripting. The attack can be initiated remotely but requires authentication. Exploit details have been disclosed to the public.

**Product Show Room Site - 'Message' Stored Cross-Site Scripting(XSS)****Exploit Title: Product Show Room Site - 'Message' Stored Cross-Site Scripting(XSS)****Exploit Author: webraybtl@webray.com.cn inc****Vendor Homepage: https://www.sourcecodester.com/php/15370/product-show-room-site-phpoop-free-source-code.html****Software Link: https://www.sourcecodester.com/download-code?nid=15370&title=Product+Show+Room+Site+in+PHP%2FOOP+Free+Source+Code****Version: Product Show Room Site 1.0****Tested on: Windows Server 2008 R2 Enterprise, Apache ,Mysql****Description**

Persistent XSS (or Stored XSS) attack is one of the three major categories of XSS attacks, the others being Non-Persistent (or Reflected) XSS and DOM-based XSS. In general, XSS attacks are based on the victim’s trust in a legitimate, but vulnerable, website or web application.Product Show Room Site does not filter the content correctly at the "Contact info-Telephone" module, resulting in the generation of stored XSS.

**Payload used:**

<script>alert(111)</script>

**Proof of Concept**

1.  Login the CMS. Default Admin Access Username: admin Password: admin123
    
2.  Open Page http://172.24.5.107/psrs/?p=contact
    
3.  Put XSS payload (<script>alert(111)</script>) in the Message box and click on Send Message to publish the page  
    
4.  Open http://172.24.5.107/psrs/admin/?page=inquiries,Viewing the Top 1 of Inquiries page,We can see the alert.

CVE-2022-1979: webray.com.cn/'Message' Stored Cross-Site Scripting(XSS).md at main · Xor-Gerke/webray.com.cn

Multiple cross-site scripting (XSS) vulnerabilities in Neos CMS allow attackers with the editor role or higher to inject arbitrary script or HTML code using the editor function, the deletion of assets, or a workspace title. The vulnerabilities were found in versions 3.3.29 and 8.0.1 and could also be present in all intermediate versions.

**Component Type:** neos/neos  
**Vulnerability Type: XSS**  
**Severity:** medium  
**Affected Versions:** Neos from version 3.3 upwards  
Fixed Versions: 5.3.10, 7.0.9, 7.1.7, 7.2.6, 7.3.4, 8.0.2

The notification module displaying flash messages unscapes HTML coming from the server, resulting in XSS vulnerabilities with various names and labels of entities (eg. workspace title or media title).

This however means you must be a logged in user with respective rights in the first place to leverage the attack vector.

**Fixing the Issue**

To fix the issue, you need to update neos/neos to the newest bugfix version.

Note: The last supported version for security fixes is Neos 5.3. If you are still using an earlier Neos version we urge you to update immediately anyway.

Make sure you have at least one of the following versions after updating: 

*   5.3.10
*   7.0.9
*   7.1.7
*   7.2.6
*   7.3.4
*   8.0.2

**Credits**

Thanks to **Nina Wagner** of it.sec GmbH who **reported** the issue to us. And to **Christian Müller** for fixing it!

**Getting Help**

In case you are unsure about the issue, don't hesitate to contact the Neos team on Slack (#neos-general) or through the other communication channels!

CVE-2022-30429: XSS in various backend modules

**Metaverse as  
unique as its users**

Neos Metaverse is a revolutionary virtual community; a peer-to-peer, real-time collaboration platform for creators, educators and communities powered by the versatile Neos Engine.  
Join the metaverse and join us on our mission to provide diversity, individuality & creative freedom.

**One platform, near-endless solutions.**

Neos Metaverse - also known as NeosVR - has been designed to be a truly versatile and customizable creative environment complete with an innovative visual scripting language LogiX.

Leverage the power of Neos, build content with advanced editing tools, connect with the virtual community, explore countless ways of self-expression and accelerate your workflows through real-time virtual collaboration to create authentic immersive experiences.

**Create. Inspire. Amaze.**

Neos for creators

Whether you choose to make stunning art with brushes, material guns and shape tools - hanging your unique creations on the walls of your virtual home - or you prefer to have fun building jet packs, swinging ropes or gravity lifts, completely in-game and in real-time collaboration, Neos distinctive features enable you to explore the realms of true, real creative freedom. What’s more, custom animations, interactions and special effects can be effortlessly added with our powerful visual scripting language and tools.

**Play. Share. Have Fun.**

Neos for communities

Be whoever you want to be and roam the metaverse with friends from all over the world; experiment with advanced full-body tracking and haptic feedback, express yourself through dance & singing or pull off an epic break-dance battle. Neos Metaverse can connect you with your favorite artists and streamers and provide you with a powerful platform to participate in various meetings and events.

**Educate. Simulate. Collaborate.**

Neos for educators and businesses

Immersive experiences have a significant positive impact on memory retention and overall performance in both educational and business settings. Neos enables you and your audiences to experience the magnitude of the universe unraveling in front of you; allowing you to create accurate technical simulations and give lectures in your field of expertise.

**Neos Credits****A purpose-built peer-to-peer digital currency**

Neos Credits (NCR) is the official metaverse cryptocurrency of Neos, designed to serve our evolving community of creators and users.  
A decentralized Neos Store market place powered by NCR will enable a rich in-game economy resulting in an even greater amount of content for users to enjoy and in a great way for creators to make a living by monetizing their awesome work.  
To learn more about our mission, vision and tokenomics please read our whitepaper.

Read whitepaper

Prices may not be up to date, last checked  \--:--

**Neos ICO**

Batch Progress

Minting Batch: 444/500  
Next Batch: +1.25% minting price

Total Progress

Minted via Ethereum:  36,956,705.74 NCR  
Minted via Patreon: 1,985,046.20 NCR

**NCR Minting Price**

$**14.728223**

0x7CCBac6D333838608be0c40E124381016F4c81Fc \*

\*By sending Ethereum to this address, you agree to all terms in the Neos Whitepaper.  
‍‍  
Please don't send buy transactions directly from an exchange as potentially you will be unable to prove your NCR ownership.  

**ERC20 Wallets**

**Progress Graph**

**Everything you need  
in one platform**

Neos Metaverse has been engineered to revolutionize workflows in virtual collaboration and bring together communities online from all over the world. Creators, educators and global communities can build and distribute immersive experiences in a real-time virtual space. Neos is available in 20+ languages and supports a variety of virtual reality headsets as well as desktop mode so you can enjoy the gameplay wherever you are.

Use Neos as your VR and metaverse platform for games, learning, business and training. Explore your imagination.

Download Neos

**Accelerate time to production**

Put a stop to tedious importing/exporting processes and import over 40 different 3D model formats and a variety of media with a mere click. Take advantage of Neos fluid export capabilities and move your creations into various 3D modeling applications and game engines.

**Leverage the power of LogiX**

Choose from the arsenal of creative tools, brushes and materials prepared by our community or build your own. With no-code, node based LogiX visual scripting system you can make your own tools, simulations and games right within VR.    

**Ferociously dynamic, beautifully simple.  
Meet Neos Engine.**

Neos Engine is a state-of-the-art metaverse engine offering effortless multiplayer synchronization, content interoperability and content persistence thanks to its own advanced data model.  
It gives our users the ability to load worlds dynamically, switch between them instantly and creators the power to build worlds without the use of a third party game engine or SDKs directly in Neos.    
Automatic interoperability between all parts of the system allows for powerful, often unforseen, interactions involving assets by multiple creators that weren't specifically designed to work together. It just works - like in real life.  

**Transforming virtual collaboration**

Neos Metaverse enables users to create content and experiences in real time within VR and in collaboration with other people. Artists, designers, educators; communities or globally distributed teams can all build together in a virtual reality environment, run multiple sessions at the same time and access digital assets from any world.

**Hardware agnostic performance**

Neos is designed to work with the majority of VR headsets, as well as being able to switch to fully fledged desktop mode instantly - enabling you to spend more time creating and less time transitioning between environments and implementing SDKs. Thanks to our automatic content update process, your content remains fully functional in all future versions of Neos.  

**Your privacy is our priority**

With an easy to use permission system you can restrict who can join and what others can do in your worlds. Private local P2P sessions give you peace of mind, knowing that you have full ownership and control over your data. You can optionally take advantage of the centralized Neos Cloud giving you the most convenient experience.

**Advanced full body avatars**

Our advanced avatar system allows for importing, building and customizing avatars completely in-game. Neos supports enhanced facial and body tracking, haptic feedback, interactive dynamic bones and a fully configurable, full body IK system with up to 11 tracking points so everyone can see and react to your facial expressions and body language; bringing you even closer to those you’re collaborating with.  

**Metaverse Training Centre**

Our team of volunteers from all over the world takes great pride in creating a welcoming and supportive onboarding experience. Neos Metaverse Training Center is a true hub of knowledge where you can learn anything from setting up your avatars, visual scripting or simply drawing inspiration from our gallery of creations.  

For a full list of features please visit our Wiki

**Here's where we're going**

Neos Masterplan  
‍  
Our aim is to accelerate the transition to virtual collboration and to become a global platform of choice for everyone with their hearts in a mission for diversity, inclusivity and democracy, serving as an inspiration and example to the rest of the world.

Neos Masterplan  
‍  
Our aim is to accelerate the transition to virtual collboration and to become a global platform of choice for everyone with their hearts in a mission for diversity, inclusivity and democracy, serving as an inspiration and example to the rest of the world.

A full roadmap is available at GitHub

**Our mission and story**

Our aim is to accelerate the transition to virtual collaboration and to become a global platform of choice for everyone with a passion for diversity and inclusivity serving as an inspiration and example to the rest of the world.

Neos started as a virtual reality educational app and educational pilot project called World of Comenius at a grammar school that over time evolved into a full-scale metaverse engine. The very first educational demo enabled users to view human anatomy, play with atoms, force fields and robots.

Soon it became clear that the key to a truly useful and organized immersive experience was user interaction and content persistency - and that is how Neos, as a social metaverse, emerged. Thanks to funding from various investors and our very supportive community, Neos has grown into a versatile, feature-rich metaverse platform complete with its own cryptocurrency and continues to change the landscape of virtual reality experiences.

Current development roadmap is available at GitHub

CVE-2022-30429: Neos Metaverse

NetScout nGeniusONE 6.3.2 allows an XML External Entity (XXE) attack.

**NETSCOUT Security**

**CVE-2021-45981**

CVE

Title

Version

Severity

CVE-2021-45981

XML External Entity (XXE)

6.3.2

Base

**Summary**

NETSCOUT Systems in nGeniusONE version 6.3.2 build 904 allows XML External Entity (XXE) attacks. Attack complexity is high. Privileges required none. User interaction required and scope is unchanged.

NetScout Systems would like to acknowledge Lukasz Plonka for reporting CVE-2021-45981 to techsupport@netscout.com

   
**Fixed Software**

Customers should install patch 6.3.2 P12 to eliminate this vulnerability. The patch is available on My NETSCOUT account page or may be obtained by contacting NETSCOUT support at 1-800-708-4784. Please note all future versions include this fix.

techsupport@netscout.com

**CVE-2021-45982**

CVE

Title

Version

Severity

CVE-2021-45982

Arbitrary File Upload

6.3.2

Base

**Summary**

NETSCOUT Systems in nGeniusONE version 6.3.2 build 904 allows an Arbitrary File Upload vulnerability. Attack complexity is high. Privileges required low. User interaction required and scope is unchanged.

NetScout Systems would like to acknowledge Lukasz Plonka for reporting CVE-2021-45982 to techsupport@netscout.com

   
**Fixed Software**

Customers should install patch 6.3.2 P10  to eliminate this vulnerability. The patch is available on My NETSCOUT account page or may be obtained by contacting NETSCOUT support at 1-800-708-4784. Please note all future versions include this fix.

techsupport@netscout.com

**CVE-2021-45983**

CVE

Title

Version

Severity

CVE-2021-45983

Java RMI Remote Code Execution

6.3.2

Base

**Summary**

NETSCOUT Systems nGeniusONE version 6.3.2 build 904 allows Java RMI Code Execution attacks. Attack complexity is high. Privileges required none. User interaction required and scope is unchanged.

NetScout Systems would like to acknowledge Lukasz Plonka for reporting CVE-2021-45982 to techsupport@netscout.com

   
**Fixed Software**

Customers should install 6.3.2 P12 to eliminate this vulnerability. The patch is available on My NETSCOUT account page or may be obtained by contacting NETSCOUT support at 1-800-708-4784. Please note all future versions include this fix.

techsupport@netscout.com

**CVE-2021-35205**

CVE

Title

Severity

Published

Updated

CVE-2021-35205

Open Redirection

Medium

09/30/2021

10/04/2021

**Summary**

NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 allows URL redirection in redirector. The Attack complexity is low, and the privileges required are also low. User Interaction required, and Scope is unchanged

  **Fixed Software**

Customers should request a patch 6.3.2 FCS B426 to eliminate this vulnerability. This is available on the My NETSCOUT page or may be obtained by contacting NETSCOUT support at 1-800-708-4784.  Please note that all future versions include this fix.

techsupport@netscout.com

**CVE-2021-35204**

CVE

Title

Severity

Published

Updated

CVE-2021-35204

Cross-Site Scripting (XSS)

Medium

09/30/2021

10/04/2021

**Summary**

NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 allows Reflected Cross-Site Scripting (XSS) in the support endpoint. Attack Complexity required is low. Privileges required are low and User Interaction required, and Scope is unchanged. The victim has to click on the provided URL.

**Fixed Software**

Customers should request a patch 6.3.0 P6 B1413 to eliminate this vulnerability. This is available on the My NETSCOUT page or may be obtained by contacting NETSCOUT support at 1-800-708-4784.  Please note that all future versions include this fix.

techsupport@netscout.com

**CVE-2021-35203**

CVE

Title

Severity

Published

Updated

CVE-2021-35203

Incorrect Access Control

Medium

09/30/2021

10/04/2021

**Summary** 

NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 allows Arbitrary File Read operations via the FDSQueryService endpoint. The attacker needs to send a specially crafted request with a parameter with the file name to read. The Attack Complexity is low, and the privileges required are low. User Interaction is required, and Scope is unchanged

**Fixed Software**

 Customers should request a patch 6.3.0 P6 B1413 to eliminate this vulnerability. This is available on the My NETSCOUT page or may be obtained by contacting NETSCOUT support at 1-800-708-4784. Please note that all future versions include this fix.

 techsupport@netscout.com

**CVE-2021-35202**

CVE

Title

Severity

Published

Updated

CVE-2021-35202

Insecure Permissions

Medium

09/30/2021

10/04/2021

**Summary**

NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 allows Authorization Bypass (to access an endpoint) in FDSQueryService. Attack Complexity is Low. The attacker can reach endpoints that are restricted. User Interaction is required, and Scope is unchanged

  **Fixed Software**

Customers should request a patch 6.3.0 P6 B1413 to eliminate this vulnerability. This is available on the My NETSCOUT page or may be obtained by contacting NETSCOUT support at 1-800-708-4784.  Please note that all future versions include this fix.

techsupport@netscout.com

**CVE-2021-35201**

CVE

Title

Severity

Published

Updated

CVE-2021-35201

XML External Entity (XXE)

Medium

09/30/2021

10/04/2021

**Summary**

NETSCOUT Systems NEI in nGeniusONE version 6.3.0 build 1196 allows XML External Entity (XXE) attacks. Attack Complexity is High, Privileges Required None, User Interaction Required and Scope is unchanged.

**Fixed Software**

Customers should request a patch 6.3.0 P4 B1406 to eliminate this vulnerability. This is available on the My NETSCOUT page or may be obtained by contacting NETSCOUT support at 1-800-708-4784.  Please note that all future versions include this fix.

techsupport@netscout.com

**CVE-2021-35200**

CVE

Title

Severity

Published

Updated

CVE-2021-35200

Stored Cross-Site Scripting (XSS)

Medium

09/30/2021

10/04/2021

**Summary**

NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 has stored cross-site scripting in FDSQueryService vulnerability that a high-privileged user can exploit. This would require a user with high privileges. Attack complexity is High, and the Scope is Unchanged

**Fixed Software**

Customers should request a patch 6.3.0 P5 B1411 to eliminate this vulnerability. This is available on the My NETSCOUT page or may be obtained by contacting NETSCOUT support at 1-800-708-4784.  Please note that all future versions include this fix.

techsupport@netscout.com

**CVE-2021-35199**

CVE

Title

Severity

Published

Updated

CVE-2021-35199

Stored Cross-Site Scripting (XSS) in UploadFile

Medium

09/30/2021

10/04/2021

**Summary**

NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 and earlier has stored cross-site scripting in Packet Analysis module Upload File vulnerability that a normal user can exploit. This requires a little crypto knowledge to exploit. The vulnerability exists in upload functionality.

**Fixed Software**

Customers should request a patch 6.3.0 P5 B1411 to eliminate this vulnerability. This is available on the My NETSCOUT page or may be obtained by contacting NETSCOUT support at 1-800-708-4784.  Please note that all future versions include this fix.

techsupport@netscout.com

**CVE-2021-35198**

CVE

Title

Severity

Published

Updated

CVE-2021-35198

Stored Cross-Site Scripting (XSS) in the Packet Analysis module

Medium

09/30/2021

10/04/2021

**Summary**

NETSCOUT Systems nGeniusONE version 6.3.0 build 1004, and earlier has a stored cross-site scripting vulnerability that a normal user can exploit. The user would need to visit a certain functionality in the packet module for the Stored XSS to get executed.

**Fixed Software**

Customers should request a patch 6.3.0 P5 B1411 to eliminate this vulnerability. This is available on the My NETSCOUT or may be obtained by contacting NETSCOUT support at 1-800-708-4784.  Please note that all future versions include this fix

techsupport@netscout.com

**CVE-2020-28251**

CVE

Title

Severity

Published

Updated

CVE-2020-28251

Escalated Privileges Vulnerability on AirMagnet Enterprise Sensors

High

2020 December 03

2020 December 07

NETSCOUT Systems AirMagnet Enterprise version 11.1.4 build 37257 and earlier has a sensor escalated privileges vulnerability that can be exploited to provide someone with administrative access to a sensor, with credentials to invoke a command to provide root access to the operating system. The attacker must complete a straightforward password-cracking exercise.

The affected product models are:

*   SENSOR6-R1S0W1-E
*   SENSOR6-R2S1-E
*   SENSOR6-R2S1-I
*   SENSOR4-R1S1W1-E
*   SENSOR4-R2S1-E
*   SENSOR4-R2S1-I

A software upgrade to AirMagnet Enterprise version 11.1.4 build 37271 to eliminate this vulnerability is available on My NETSCOUT accounts on the AirMagnet Enterprise Downloads page or may be obtained by contacting AirMagnet support at 1-800-708-4784.

  techsupport@netscout.com

CVE-2021-45981: Security Advisories | NETSCOUT

bbs-go <= 3.3.0 including Custom Edition is vulnerable to stored XSS.

Affected version: <= 3.3.0 (all versions yet)  
Including Custom Edition I guess.

Usage of "v-html" tag should be really careful in vue. I found several unsafe usage in bbs-go webpage which data source might be from any user. It's necessary to filter the rich text before it is posted to the client. Otherwise it will be dangerous.

Here is the XSS attack example screenshot (one of them) :

And the unsafe "v-html" tag for topic content (one of them) :

I will report the poc code after mlogclub team confirm and fix this defect.

CVE-2021-38221: There are several stored XSS vulnerabilities · Issue #112 · mlogclub/bbs-go

BigBlueButton Greenlight 2.11.1 allows XSS. A threat actor could have a username containing a JavaScript payload. The payload gets executed in the browser of the victim in the "Share room access" dialog if the victim has shared access to the particular room with the attacker previously.

**Description**

BigBlueButton’s front-end interface Greenlight version 2.11.2 (or earlier) is vulnerable to stored Cross-Site Scripting (XSS) in the “Share Room Access” dialog. A threat actor could inject XSS payload in the username field. The payload gets executed in the “Share Room Access” dialog if the victim has shared access to the room with the attacker previously.

**Affected Component**

BigBlueButton/Greenlight

**Attack Type**

Remote

**Attack Vectors**

To exploit the vulnerability, an attacker needs an active user account in the Greenlight application. Additionally, the victim needs to have shared access to a room with the attacker.

**Reference**

https://github.com/bigbluebutton/greenlight/releases/tag/release-2.12.0.

**Discoverer**

mgm security partners found this vulnerability during a security analysis of the BigBlueButton software ordered by the Federal Office for Information Security in Germany (BSI).

**Timeline**

*   4 March 2022: the vulnerability was reported to the BigBlueButton developer team
*   15 April 2022: Greenlight version 2.12.0 containing the patch for the reported vulnerability was released

CVE-2022-26497: CVE-2022-26497: BigBlueButton Greenlight XSS

Couchbase Server before 7.1.0 has Incorrect Access Control.

CVE-2021-33504: Alerts | Couchbase

In KNIME Analytics Platform below 4.6.0, the Windows installer sets improper filesystem permissions.

This page summarizes all security advisories for KNIME Software products and services, including KNIME Analytics Platform, KNIME Server, and KNIME Hub.

Please note that the CVSS Score is an indication of the potential _severity_ of the issue but not the _risk_. The actual risk needs to be assessed by every user individually because there may be circumstances where a high severity issue is not applicable and therefore does not pose a risk (and vice-versa).

If you want to know more about the CVSS Score, have a look at the resources provided by the Common Vulnerability Scoring System SIG.

**CVE-2022-31500 - Windows installer for KNIME Analytics Platform allows for privilege escalation**

*   Published: 2022-05-24
*   Affected Product: KNIME Analytics Platform before 4.6.0
*   Base CVSS Score: 8.2
*   Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:F/RL:T/RC:X/CR:L/IR:L/AR:L/MAV:L/MAC:L/MPR:N/MUI:R/MS:C/MC:H/MI:H/MA:H

The installer for KNIME Analytics Platform on Windows before 4.6.0 makes the installation directory writeable to everyone on the system. This is useful so that the user can update or install extensions from a running KNIME Analytics Platform without having to restart the application as administrator. However, this also allows other authenticated local users on the system to (re)place malicious files in the installation e.g. replacing the uninstall program. The latter is run with administration privileges if the application is being uninstalled (by a user with administrative privileges). Starting with KNIME Analytics Platform 4.6.0 the installer will restrict write access to the installation directory to admin users. This also means that in order to update or install additional extensions, KNIME Analytics Platform must first be started with admin privileges.

Note that the KNIME Server installer for Windows, which can create a KNIME Analytics Platform installation used as an executor, is **not** affected.

**Workaround**

Existing installations can be "fixed" by restricting the permissions of the installation folder manually. If you use the self-extracting archive or the ZIP file the default permissions on Windows apply, which usually means that only the extracting user has write permissions on the installation directory. In this case update or installation of extensions is possible without starting KNIME Analytics Platform as admin user.

The vulnerability was found and reported by Łukasz Rupala & Przemysław Mazurek.

**CVE-2021-45096 - External XML Entity Injection with specially crafted workflow files**

*   Published: 2021-12-16
*   Affected Product: KNIME Analytics Platform before 4.5.0
*   Base CVSS Score: 4.3
*   Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

KNIME Analytics Platform before 4.5.0 with resolve external entities in workflow.knime files when loading a workflow. Using a specially crafted workflow file, potentially sensitive information such as Windows network password hashes maybe leaked _to_ a remote system. It can not be used to leak information _from_ a remote system e.g. when a workflow is loaded on KNIME Server.

The vulnerability was found and reported by Dawid Czarnecki from NATO.

****CVE-2021-45097 -** Server installer does not restrict permission on auto-install.xml**

*   Published: 2021-12-16
*   Affected Product: KNIME Server before 4.12.6 and 4.13.x before 4.13.4
*   Base CVSS Score: 2.9
*   Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

KNIME Server before 4.12.6 and 4.13.x before 4.13.4 (when installed in unattended mode) keeps the administrator's password in a file without appropriate file access controls, allowing all local users to read its content.

The vulnerability was found and reported by Dawid Czarnecki from NATO.

**CVE-2021-44725 - Directory path traversal when requesting client profiles**

*   Published: 2021-12-07
*   Affected Product: KNIME Server between 4.7.0 and below 4.11.6, 4.12.5, 4.13.4, respectively
*   Base CVSS Score: 7.5
*   Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

The server managed customizations functionality of KNIME Server starting at version 4.7.0 is vulnerable to Directory Path Traversal attacks. By manipulating variables that reference files by prepending “dot-dot-slash (../)” sequences and their variations or by using absolute file paths, it is possible to access arbitrary files and directories stored on the file system including application source code, configuration, and database. Due to the file-based architecture of KNIME Server, this vulnerability allows stealing users' data  
such as password hashes, workflows, licenses, jobs, and so on. No authentication is required to exploit this vulnerability.

The issue is fixed in KNIME Server 4.13.4, 4.12.5, and 4.11.6 which have been released today. All customers are advised to update their server's immediately.

**Workaround**

If you cannot update right away you can apply the following workaround which prevents access to client profiles for any user:

1.  Locate _<apache-tomcat>/webapps/knime/WEB-INF/web.xml_
2.  Edit the file and add the following block before the existing line <deny-uncovered-http-methods /> at the bottom of the file:
    
       ...
       <security-constraint>
          <web-resource-collection>
             <web-resource-name>Profiles
             <url-pattern>/rest/v4/profiles/contents
          </web-resource-collection>
          <auth-constraint />
       </security-constraint>
    
       <deny-uncovered-http-methods />
    </web-app>
    
3.  Restart KNIME Server.

The vulnerability was found and reported by Dawid Czarnecki from NATO.

**CVE-2021-44726 - Cross-Site-Scripting vulnerability in old WebPortal login**

*   Published: 2021-12-07
*   Affected Product: KNIME Server below 4.13.4
*   Base CVSS Score: 8.8
*   Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L

The old KNIME WebPortal login page up to version 4.13.3 contains a DOM-based XSS vulnerability that once exploited, can be used to run any action as a victim user via malicious JavaScript. If the victim user is an administrator, it could be used to create a new administrator. To exploit the vulnerability it is required to create a specially crafted URL and convince the victim to open it. No authentication is required to exploit the vulnerability, however, authenticated users can be targeted.

The vulnerability was found and reported by Dawid Czarnecki from NATO

CVE-2022-31500: Security Advisories | KNIME

The TikTok application before 23.8.4 for Android allows account takeover. A crafted URL (unvalidated deeplink) can force the com.zhiliaoapp.musically WebView to load an arbitrary website. This may allow an attacker to leverage an attached JavaScript interface for the takeover with one click.

**Report security vulnerabilities**

****Report Security Vulnerabilities****

  
TikTok's mission is to inspire creativity and bring joy. The security and health of our platform closely tie to this mission. If things aren't working properly on TikTok, our dedicated security team is ready to respond and resolve those issues. In addition to our team of experienced security professionals and industry-leading security technologies, we rely on, and value, external input that flag technical security bugs on our platform. With that in mind, we have defined a set of policies to guide our external partners on properly reporting vulnerabilities. We welcome your input and appreciate your efforts to safeguard TikTok.

**

**Vulnerability Reporting Policy**

**

       •  For questions, concerns, or issues with your profile, please click here.  
       •  For questions, concerns, or issues with TikTok's privacy policy or fraud, please click here.  
       •  If someone is misusing your brand, contact us.

If you believe you have discovered a security bug or vulnerability on the TikTok app or website, please submit your report here. You will be redirected to the website of HackerOne, our trusted security bug bounty partner. HackerOne provides more information on submission guidelines and will allow you to submit a report.

TikTok follows a Coordinated Disclosure Policy. Please refer to the **Disclosure and Confidentiality Policy** defined in TikTok HackerOne Policy for more details.

**

**Guidelines**

**

  
Please visit the **Program Rules and Guidelines** section in TikTok HackerOne Policy for details.

**

**Frequently Asked Questions (FAQ)**

**

**What type of issues are considered security vulnerabilities and should be reported?**

Issues regarding technical security bugs affecting TikTok should be reported here. Issues include, but are not limited to the following:  
       •  XSS, CSRF, SSRF , SQL Injection, ROP, JOP, etc.       •  Leaked or hard coded sensitive credentials       •  Exploitable and dangerous APIs.  
       •  Control flow hijacking attacks  
       •  User data leaks  
       •  Issues listed in the OWASP Top Ten for Web Apps  
       •  Issues listed in the OWASP Top Ten for Mobile Apps  
       •  Authentication or authorization vulnerabilities  
       •  Access to internal TikTok resources like backend source code, database, etc.  
       •  Open redirect - if an additional security impact can be demonstrated  
       •  Anti-Automation security bypasses or lack of rate limiting on authenticated endpoints  
       •  Using the TikTok application for privilege escalation to attack the mobile operating system  
       •  Arbitrary code execution on TikTok servers/clients

**Is there a reward, bounty or CVE for confirmed vulnerabilities?**

Please visit **Rewards** & **Not Eligible for Reward** sections in TikTok HackerOne Policy for more details about bounty.

**How much time is needed before I can publish my findings?**

We request that security researchers follow the **Disclosure and Confidentiality Policy** defined in TikTok HackerOne Policy.

**Which web domains are within scope for TikTok?**

Please visit **In Scope** section in TikTok HackerOne Policy for details.

**How can I be notified that a security issue I've reported is being investigated?**

The security issues reported will be evaluated based on criticality and business priority and go through our investigation triage pipeline accordingly. We will keep you informed of the progress of the case to the best of our ability.

**Was this helpful?**

**Helpful links**

Creating an account

Setting up your profile

Creating a TikTok Video

CVE-2022-28799: Report security vulnerabilities | TikTok Help Center

Black Rainbow NIMBUS before 3.7.0 allows stored Cross-site Scripting (XSS).

*   Case Management
*   Orchestration & Automation
*   Quality Management System
*   Investigation Management
*   Phaneros Portal
*   Forensic Lab Management
*   Crime Scene Investigation
*   Resource (People, Process, Technology, Time, Data) Management
*   Nimbus Cloud & Saas
*   Nimbus Intelligence
*   Incident Response Lifecycle Management
*   Resource Library
*   Support
*   Contact

Skip to content

*   Government
*   Military
*   Corporate
*   Law enforcement

**COMPLEX OPERATIONS PLATFORM**

**VISUAL ANALYTICS**

**INVESTIGATION MANAGEMENT**

**On Prem - Cloud - SaaS**

**MODULAR DESIGN**

Corporate

**NIMBUS**

**Investigation Control**

NIMBUS provides total control and oversight to any investigation allowing USERS, PROCESS & TECHNOLOGY to seamlessly work together within the connected fabric of the COMPLEX OPERATIONS PLATFORM.

Explore the core NIMBUS modules.

**Investigation Management**

**Organised & Complex Investigation Lifecycle Platform**

Streamline complex Investigations by harnessing the Governance, Case Management, Quality Management, Orchestration and combine them with full disclosure management, Document Review and mark up, Actions management, Case analytics, Configurable Dashboards and management reporting to unravel any complexity in the  investigation along with full disclosure review and Digital Case file production.

**Investigation Management**

**Packed with features including:**

**Case Management**

**Digital & Traditional case management**

Solving everyday case management problems surrounding integrity, efficiency, evidence tracking, asset management, full management reporting and by combing solutions into a simple and intuitive user experience seamlessly integrating with all NIMBUS modules.

**Case Management**

**Packed with features including:**

**Orchestration & Automation**

**Orchestration & Automation Platform**

Visually digitise standard operating procedures, lab workflows or any playbook with ease allowing integration with forensic technologies, digital or traditional or external data sources. Orchestrate multiple automations, queue, prioritise, status controlled, workflow within workflow fully audited and reportable.

**Orchestration & Automation**

**Packed with features including:**

**NIMBUS Cloud & SaaS**

**Instant and flexible deployment**

Leverage the power, resilience, and speed of deployment of NIMBUS in the cloud environment of your choice as a true SaaS offering. Managed by an industry leading service delivery model, BlackRainbow removes the risk and complication of an on premise installation whilst delivering full functionality in an accelerated way.

**NIMBUS Cloud & SaaS**

**Packed with features including:**

**NIMBUS Incident Response Lifecycle Management Platform**

**Total Security Operations Management**

BlackRainbow’s incident response lifecycle management platform accelerates the incident response lifecycle, it is the connecting fabric for security infrastructure and teams. It offers entire incident management, intelligent automation and orchestration and interactive investigation. The platform has a focus on customisability and collaboration. This solution is available as a SaaS cloud-based solution, or it can be deployed on premise.

**NIMBUS Incident Response Lifecycle Management Platform**

**Packed with features including:**

**Would you like to see NIMBUS in action ?**

**PHANEROS Portal**

**Forensic requests submitted from anywhere on any platform**

PHANEROS the NIMBUS submission portal is an advanced configurable two-way electronic mobile submission management and production system for compiling, publishing, importing, and reviewing forensic case submissions. Remote users can add a case, build submissions to NIMBUS Core for authorisation, enter evidence, notes, and scene information with an on or offline capability with no need for a heavy local application install.

**PHANEROS Portal**

**Packed with features including:**

**NIMBUS Intelligence Management**

**Intelligence when you need it**

NIMBUS intelligence management and orchestration allows the ability to instigate, integrate or ‘reach out’ to the relevant intelligence resource needed for that stage of the investigation. It may be that OSINT, Dark web, local digital media seizure, external threat feeds, case metadata or external database information is needed to assist with the next stage of the investigation, NIMBUS manages the flow, automates workflow and notifications on watchlists and aggregates all of the intelligence in an authorised and auditable way.

**NIMBUS Investigation Management**

**Packed with features including:**

**Quality Management System**

**Integrated Quality Management System**

QMS aligns all the necessary areas to drive accreditation to any ISO standard or equivalent international standard. Manage and control your business performance, data and risks using our integrated quality management modules, non-conformance, actions, assets and more. When combined with NIMBUS CM it accelerates and governs the ability to obtain and maintain ISO accreditation, whilst removing administrative burdens associated to siloed systems.

**Quality Management System**

**Packed with features including:**

**Resource Library**

**Watch, read, and listen up**

All the latest videos, papers, articles, datasheets and updates from BlackRainbow

**BlackRainbow**

**Follow us**

Page load link

This website uses cookies for security and usage monitoring. You can accept or reject cookies or see the details and control which cookies are set using the buttons.

**Privacy Overview**

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyse and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie

Duration

Description

cookielawinfo-checbox-analytics

1 year

This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".

cookielawinfo-checkbox-necessary

1 year

This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".

viewed\_cookie\_policy

1 year

The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.

Cookie

Duration

Description

\_ga

2 years

This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.

\_gat\_gtag\_UA\_109233946\_1

1 minute

This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.

\_gid

1 day

This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.

Powered by

Tag

#xss