Impact
Users can either intentionally or inadvertently create a keyspace containing / characters such that from that point on, anyone who tries to view keyspaces from VTAdmin will receive an error. Trying to list all the keyspaces using vtctldclient Ge…
[github.com/answerdev/answer] Answer vulnerable to account takeover because password reset links do not expire
answerdev/answer is an open-source knowledge-based community software. Answer prior to 1.0.6 is vulnerable to account takeover because the password reset link does not expire.
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1976
https://github.co…
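The advisory above says the weakness was a reset link that kept working indefinitely. The following is an added example, not code from answerdev/answer: a hypothetical reset-token store that issues random tokens, keeps only their SHA-256 hash, rejects them after a TTL, and lets each one be consumed at most once. Issuing a new link also retires older unused links for the same user. The store, TTL, and clock injection are this example's own choices.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"sync"
	"time"
)

// resetTokenTTL is an assumed lifetime for a reset link (example value).
const resetTokenTTL = 15 * time.Minute

var ErrInvalidToken = errors.New("invalid, expired or already used reset token")

type resetRecord struct {
	userID    string
	expiresAt time.Time
	used      bool
}

// ResetStore holds hashes of issued tokens, so reading the store alone does
// not yield usable reset links. The clock is injectable so expiry can be tested.
type ResetStore struct {
	mu      sync.Mutex
	records map[string]*resetRecord // key: hex(sha256(raw token))
	now     func() time.Time
}

func NewResetStore(now func() time.Time) *ResetStore {
	if now == nil {
		now = time.Now
	}
	return &ResetStore{records: make(map[string]*resetRecord), now: now}
}

func hashToken(tok string) string {
	sum := sha256.Sum256([]byte(tok))
	return hex.EncodeToString(sum[:])
}

// Issue mints a 256-bit random token for userID and returns the raw token
// that goes into the emailed link. Only its hash is stored.
func (s *ResetStore) Issue(userID string) (string, error) {
	raw := make([]byte, 32)
	if _, err := rand.Read(raw); err != nil {
		return "", err
	}
	tok := hex.EncodeToString(raw)
	s.mu.Lock()
	defer s.mu.Unlock()
	// A newer link supersedes any older unused link for the same account.
	for _, r := range s.records {
		if r.userID == userID {
			r.used = true
		}
	}
	s.records[hashToken(tok)] = &resetRecord{
		userID:    userID,
		expiresAt: s.now().Add(resetTokenTTL),
	}
	return tok, nil
}

// Consume validates a token presented from a reset link. It succeeds at most
// once per token and never once expiresAt has passed.
func (s *ResetStore) Consume(tok string) (string, error) {
	s.mu.Lock()
	defer s.mu.Unlock()
	rec, ok := s.records[hashToken(tok)]
	if !ok || rec.used || !s.now().Before(rec.expiresAt) {
		return "", ErrInvalidToken
	}
	rec.used = true
	return rec.userID, nil
}

func main() {
	s := NewResetStore(nil)
	tok, _ := s.Issue("alice")
	fmt.Println("reset link: https://example.invalid/reset?token=" + tok) // hypothetical URL
	uid, err := s.Consume(tok)
	fmt.Println(uid, err) // alice <nil>
	_, err = s.Consume(tok)
	fmt.Println(err) // second use is rejected
}
```

In a real deployment the records would live in the database with the hash as the key, and the same Consume check should run again at the moment the new password is written, not only when the link is opened.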
[thorsten/phpmyfaq] thorsten/phpmyfaq vulnerable to improper access control
thorsten/phpmyfaq prior to 3.1.12 is vulnerable to improper access control: when a FAQ News entry is marked as inactive in the settings but has comments enabled, comments can still be posted on the inactive FAQ. This has been fixed in 3.1.12.
References
https://nv…
[thorsten/phpmyfaq] thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via updatecategory parameter
thorsten/phpmyfaq prior to 3.1.12 is vulnerable to stored cross-site scripting (XSS) because it fails to sanitize user input in the updatecategory parameter. This has been fixed in 3.1.12.
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1879
http…
[thorsten/phpmyfaq] thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via HTML export
thorsten/phpmyfaq prior to 3.1.12 is vulnerable to stored cross-site scripting (XSS) because it fails to sanitize user input in the FAQ site while generating an HTML Export. This has been fixed in 3.1.12.
References
https://nvd.nist.gov/vuln/detail/CV…
[thorsten/phpmyfaq] thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via category field name parameter
thorsten/phpmyfaq prior to 3.1.12 is vulnerable to stored cross-site scripting (XSS) because it fails to sanitize user input in the category field name parameter. This has been fixed in 3.1.12.
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1885…
[microweber/microweber] Microweber vulnerable to command injection
microweber/microweber prior to 1.3.3 is vulnerable to command injection via the “first name” field: user input from that field reaches a server-side template engine (server-side template injection), which can lead to arbitrary code execution.
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1877
ht…
[grumpydictator/firefly-iii] Firefly III insufficiently expires sessions
Firefly III prior to 6.0.0 insufficiently expires sessions upon close.
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1788
https://github.com/firefly-iii/firefly-iii/commit/68f398f97cbe1870fc098d8460bf903b9c3fab30
https://huntr.dev/bounties/7932…
[thorsten/phpmyfaq] thorsten/phpmyfaq vulnerable to cross-site scripting (XSS) via stopword parameter
thorsten/phpmyfaq prior to 3.1.12 is vulnerable to cross-site scripting (XSS) because it fails to sanitize user input in the stopword parameter. This has been fixed in 3.1.12.
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1884
https://github.co…
[uvdesk/community-skeleton] Uvdesk vulnerable to stored cross-site scripting (XSS)
Uvdesk version 1.1.1 allows an unauthenticated remote attacker to exploit a stored XSS in the application. This is possible because the application does not properly validate the message that clients submit in a ticket.
References
https://nvd.nist….
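The phpMyFAQ entries above (updatecategory parameter, HTML export, category field name, stopword) and the UVdesk entry share one pattern: a user-supplied string is stored and later emitted into HTML without output encoding. The following is an added example, not code from either project, written in Go rather than PHP: the same template rendered with text/template (no encoding, mirroring the vulnerable behaviour) and with html/template (contextual escaping for element text, attribute values and URL query parameters). The Category type, the template and the payloads are constructed for this example.

```go
package main

import (
	"bytes"
	"fmt"
	htmltemplate "html/template"
	"strings"
	texttemplate "text/template"
)

// Category stands in for any stored user-controlled field (a category
// name, a ticket message, a stop word) that is later rendered into a page.
type Category struct {
	Name string
}

// One row of a category list: the same value lands in three HTML contexts.
const row = `<li><a href="/category?name={{.Name}}" title="{{.Name}}">{{.Name}}</a></li>`

// RenderUnsafe interpolates the stored value verbatim, which is the bug
// class in the advisories above.
func RenderUnsafe(c Category) string {
	t := texttemplate.Must(texttemplate.New("row").Parse(row))
	var b bytes.Buffer
	if err := t.Execute(&b, c); err != nil {
		panic(err)
	}
	return b.String()
}

// RenderSafe uses html/template, which picks the escaper per context:
// entity encoding in text and attributes, percent-encoding inside the URL query.
func RenderSafe(c Category) string {
	t := htmltemplate.Must(htmltemplate.New("row").Parse(row))
	var b bytes.Buffer
	if err := t.Execute(&b, c); err != nil {
		panic(err)
	}
	return b.String()
}

// Payloads are constructed samples: one injects a new element, the other
// closes the title attribute and adds an event handler.
var Payloads = []string{
	`<script>alert(1)</script>`,
	`" onmouseover="alert(1)`,
}

// BreaksOut is a deliberately narrow check used only to compare the two
// renderers on the payloads above; it is not a general XSS detector.
func BreaksOut(html string) bool {
	return strings.Contains(html, "<script") || strings.Contains(html, `onmouseover="`)
}

func main() {
	for _, p := range Payloads {
		c := Category{Name: p}
		fmt.Println("unsafe:", RenderUnsafe(c))
		fmt.Println("safe:  ", RenderSafe(c))
	}
}
```

The point to carry over to PHP is the same: encode at output time for the context the value lands in (htmlspecialchars with ENT_QUOTES for text and attributes, rawurlencode inside a query string), rather than trying to sanitize on input.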