π΄ Lightspin Launches Remediation Hub to Identify and Fix Cloud Security Threats π΄
π Read
via "Dark Reading".
π Read
via "Dark Reading".
Dark Reading
Lightspin Launches Remediation Hub to Identify and Fix Cloud Security Threats
NEW YORK , March 22, 2023 /PRNewswire/ -- Lightspin, the leading cloud security solution for SaaS companies, today launched the Remediation Hub as part of its cloud-native application protection platform (CNAPP) solution. An evolution of Lightspin's rootβ¦
π΄ CISA Warns on Unpatched ICS Vulnerabilities Lurking in Critical Infrastructure π΄
π Read
via "Dark Reading".
The advisory comes the same week as a warning from the EU's ENISA about potential for ransomware attacks on OT systems in the transportation sector.π Read
via "Dark Reading".
Dark Reading
CISA Warns on Unpatched ICS Vulnerabilities Lurking in Critical Infrastructure
The advisory comes the same week as a warning from the EU's ENISA about potential for ransomware attacks on OT systems in the transportation sector.
βΌ CVE-2023-28659 βΌ
π Read
via "National Vulnerability Database".
The Waiting: One-click Countdowns WordPress Plugin, version <= 0.6.2, is affected by an authenticated SQL injection vulnerability in the pbc_down[meta][id] parameter of the pbc_save_downs action.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28434 βΌ
π Read
via "National Vulnerability Database".
Minio is a Multi-Cloud Object Storage framework. Prior to RELEASE.2023-03-20T20-16-18Z, an attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket`. To carry out this attack, the attacker requires credentials with `arn:aws:s3:::*` permission, as well as enabled Console API access. This issue has been patched in RELEASE.2023-03-20T20-16-18Z. As a workaround, enable browser API access and turn off `MINIO_BROWSER=off`.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28660 βΌ
π Read
via "National Vulnerability Database".
The Events Made Easy WordPress Plugin, version <= 2.3.14 is affected by an authenticated SQL injection vulnerability in the 'search_name' parameter in the eme_recurrences_list action.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28665 βΌ
π Read
via "National Vulnerability Database".
The Woo Bulk Price Update WordPress plugin, in versions < 2.2.2, is affected by a reflected cross-site scripting vulnerability in the 'page' parameter to the techno_get_products action, which can only be triggered by an authenticated user.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28117 βΌ
π Read
via "National Vulnerability Database".
Sentry SDK is the official Python SDK for Sentry, real-time crash reporting software. When using the Django integration of versions prior to 1.14.0 of the Sentry SDK in a specific configuration it is possible to leak sensitive cookies values, including the session cookie to Sentry. These sensitive cookies could then be used by someone with access to your Sentry issues to impersonate or escalate their privileges within your application. In order for these sensitive values to be leaked, the Sentry SDK configuration must have `sendDefaultPII` set to `True`; one must use a custom name for either `SESSION_COOKIE_NAME` or `CSRF_COOKIE_NAME` in one's Django settings; and one must not be configured in one's organization or project settings to use Sentry's data scrubbing features to account for the custom cookie names. As of version 1.14.0, the Django integration of the `sentry-sdk` will detect the custom cookie names based on one's Django settings and will remove the values from the payload before sending the data to Sentry. As a workaround, use the SDK's filtering mechanism to remove the cookies from the payload that is sent to Sentry. For error events, this can be done with the `before_send` callback method and for performance related events (transactions) one can use the `before_send_transaction` callback method. Those who want to handle filtering of these values on the server-side can also use Sentry's advanced data scrubbing feature to account for the custom cookie names. Look for the `$http.cookies`, `$http.headers`, `$request.cookies`, or `$request.headers` fields to target with a scrubbing rule.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28666 βΌ
π Read
via "National Vulnerability Database".
The InPost Gallery WordPress plugin, in versions < 2.2.2, is affected by a reflected cross-site scripting vulnerability in the 'imgurl' parameter to the add_inpost_gallery_slide_item action, which can only be triggered by an authenticated user.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27224 βΌ
π Read
via "National Vulnerability Database".
An issue found in NginxProxyManager v.2.9.19 allows an attacker to execute arbitrary code via a lua script to the configuration file.π Read
via "National Vulnerability Database".
βΌ CVE-2022-45003 βΌ
π Read
via "National Vulnerability Database".
Gophish through 0.12.1 allows attackers to cause a Denial of Service (DoS) via a crafted payload involving autofocus.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0386 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernelΓ’β¬β’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28664 βΌ
π Read
via "National Vulnerability Database".
The Meta Data and Taxonomies Filter WordPress plugin, in versions < 1.3.1, is affected by a reflected cross-site scripting vulnerability in the 'tax_name' parameter of the mdf_get_tax_options_in_widget action, which can only be triggered by an authenticated user.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28432 βΌ
π Read
via "National Vulnerability Database".
Minio is a Multi-Cloud Object Storage framework. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including `MINIO_SECRET_KEY` and `MINIO_ROOT_PASSWORD`, resulting in information disclosure. All users of distributed deployment are impacted. All users are advised to upgrade to RELEASE.2023-03-20T20-16-18Z.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28439 βΌ
π Read
via "National Vulnerability Database".
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages. The vulnerability may trigger a JavaScript code after fulfilling special conditions: using one of the affected packages on a web page with missing proper Content Security Policy configuration; initializing the editor on an element and using an element other than `<textarea>` as a base; and destroying the editor instance. This vulnerability might affect a small percentage of integrators that depend on dynamic editor initialization/destroy mechanism. A fix is available in CKEditor4 version 4.21.0. In some rare cases, a security fix may be considered a breaking change. Starting from version 4.21.0, the Iframe Dialog plugin applies the `sandbox` attribute by default, which restricts JavaScript code execution in the iframe element. To change this behavior, configure the `config.iframe_attributes` option. Also starting from version 4.21.0, the Media Embed plugin regenerates the entire content of the embed widget by default. To change this behavior, configure the `config.embed_keepOriginalContent` option. Those who choose to enable either of the more permissive options or who cannot upgrade to a patched version should properly configure Content Security Policy to avoid any potential security issues that may arise from embedding iframe elements on their web page.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28662 βΌ
π Read
via "National Vulnerability Database".
The Gift Cards (Gift Vouchers and Packages) WordPress Plugin, version <= 4.3.1, is affected by an unauthenticated SQL injection vulnerability in the template parameter in the wpgv_doajax_voucher_pdf_save_func action.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28661 βΌ
π Read
via "National Vulnerability Database".
The WP Popup Banners WordPress Plugin, version <= 1.2.5, is affected by an authenticated SQL injection vulnerability in the 'value' parameter in the get_popup_data action.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28667 βΌ
π Read
via "National Vulnerability Database".
The Lead Generated WordPress Plugin, version <= 1.23, was affected by an unauthenticated insecure deserialization issue. The tve_labels parameter of the tve_api_form_submit action is passed to the PHP unserialize() function without being sanitized or verified, and as a result could lead to PHP object injection, which when combined with certain class implementations / gadget chains could be leveraged to perform a variety of malicious actions granted a POP chain is also present.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28438 βΌ
π Read
via "National Vulnerability Database".
Pimcore is an open source data and experience management platform. Prior to version 10.5.19, since a user with 'report' permission can already write arbitrary SQL queries and given the fact that this endpoint is using the GET method (no CSRF protection), an attacker can inject an arbitrary query by manipulating a user to click on a link. Users should upgrade to version 10.5.19 to receive a patch or, as a workaround, may apply the patch manually.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28119 βΌ
π Read
via "National Vulnerability Database".
The crewjam/saml go library contains a partial implementation of the SAML standard in golang. Prior to version 0.4.13, the package's use of `flate.NewReader` does not limit the size of the input. The user can pass more than 1 MB of data in the HTTP request to the processing functions, which will be decompressed server-side using the Deflate algorithm. Therefore, after repeating the same request multiple times, it is possible to achieve a reliable crash since the operating system kills the process. This issue is patched in version 0.4.13.π Read
via "National Vulnerability Database".
βΌ CVE-2022-45004 βΌ
π Read
via "National Vulnerability Database".
Gophish through 0.12.1 was discovered to contain a cross-site scripting (XSS) vulnerability via a crafted landing page.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28663 βΌ
π Read
via "National Vulnerability Database".
The Formidable PRO2PDF WordPress Plugin, version < 3.11, is affected by an authenticated SQL injection vulnerability in the Γ’β¬ΛfieldmapΓ’β¬β’ parameter in the fpropdf_export_file action.π Read
via "National Vulnerability Database".