Microsoft Security Advisory CVE-2023-28260: .NET Remote Code Execution Vulnerability
Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guid…
[github.com/traefik/traefik/v2] Traefik HTTP header parsing could cause a denial of service
Impact
There is a vulnerability in Go when parsing the HTTP headers, which impacts Traefik.
HTTP header parsing could allocate substantially more memory than required to hold the parsed headers. This behavior could be exploited to cause a denial of ser…
[github.com/answerdev/answer] Answer vulnerable to Exposure of Sensitive Information Through Metadata
answerdev/answer is an open-source knowledge-based community software. Answer prior to 1.0.8 may expose sensitive information, such as EXIF data and GPS coordatinates, via image metadata.
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1974
https…
[github.com/answerdev/answer] Answer vulnerable to Insertion of Sensitive Information Into Sent Data
answerdev/answer is an open-source knowledge-based community software. Answer prior to 1.0.8 does not strip EXIF geolocation data from user-uploaded logos. As a result, anyone can get sensitive information like a user’s device ID, geolocation, system i…
[safe-eval] safe-eval vulnerable to Sandbox Bypass due to improper input sanitization
All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived from prototype pollution exploitation. Exploiting this vulnerability might result in remote code execution (RCE).
Vu…
[safe-eval] safe-eval vulnerable to Prototype Pollution via the safeEval function
All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its parameter content.
References
https://nvd.nist.gov/vuln/detail/CVE-2023-26121
https://github.com/hacksparrow/saf…
[@sveltejs/kit] SvelteKit framework has Insufficient CSRF protection for CORS requests
Summary
The SvelteKit framework offers developers an option to create simple REST APIs. This is done by defining a +server.js file, containing endpoint handlers for different HTTP methods.
SvelteKit provides out-of-the-box cross-site request forgery (C…
[xml2js] xml2js is vulnerable to prototype pollution
xml2js versions before 0.5.0 allows an external attacker to edit or add new properties to an object. This is possible because the application does not properly validate incoming JSON keys, thus allowing the __proto__ property to be edited.
References
…
[thorsten/phpmyfaq] thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) in FAQ comment username parameter
thorsten/phpmyfaq prior to 3.1.12 is vulnerable to stored cross-site scripting (XSS) because it fails to sanitize user input in the FAQ comment username parameter. This has been fixed in 3.1.12.
References
https://nvd.nist.gov/vuln/detail/CVE-2023-175…
[thorsten/phpmyfaq] thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via adminlog
thorsten/phpmyfaq prior to 3.1.12 is vulnerable to stored cross-site scripting (XSS) because it fails to sanitize user input in the adminlog. This has been fixed in 3.1.12.
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1878
https://github.com/t…