Checkmarx Plugin 2022.1.2 and earlier does not perform permission checks in several HTTP endpoints.
This allows attackers with Overall/Read permission to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained throu…
[org.continuousassurance.swamp.jenkins:swamp] Missing permission check in Jenkins SWAMP Plugin allows capturing credentials
SWAMP Plugin 1.2.6 and earlier does not perform a permission check in a method implementing form validation.
This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained th…
[Swashbuckle.AspNetCore.SwaggerUI] Server side request forgery in SwaggerUI
SwaggerUI supports displaying remote OpenAPI definitions through the ?url parameter. This enables robust demonstration capabilities on sites like petstore.swagger.io, editor.swagger.io, and similar sites, where users often want to see what their OpenAP…
[disrustor] Data race in disrustor
An issue was discovered in the disrustor crate through 2020-12-17 for Rust. RingBuffer does not properly limit the number of mutable references.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-36470
https://github.com/sklose/disrustor/issues/1
htt…
[time] Segmentation fault in time
Impact
Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user’s know…
[org.jenkins-ci.plugins:p4] Missing Authorization in Jenkins P4 plugin
Jenkins P4 Plugin 1.11.4 and earlier does not perform permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified Perforce server using attacker-specified username and password.
P4 P…
[ckeditor4] CKEditor 4.0 vulnerability in the HTML Data Processor
A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14.0 allows remote attackers to inject arbitrary web script through a crafted “protected” comment (with the cke_protected syntax).
References
https://nvd.n…
[jQuery.Validation] Regular Expression Denial of Service in jquery-validation
The GitHub Security Lab team has identified potential security vulnerabilities in jquery.validation.
The project contains one or more regular expressions that are vulnerable to ReDoS (Regular Expression Denial of Service).
This issue was discovered and …
[TinyMCE] Cross-site scripting vulnerability in TinyMCE
Impact
A cross-site scripting (XSS) vulnerability was discovered in the URL sanitization logic of the core parser. The vulnerability allowed arbitrary JavaScript execution when inserting a specially crafted piece of content into the editor using the cl…
[jquery] Potential XSS vulnerability in jQuery
Impact
Passing HTML from untrusted sources – even after sanitizing it – to one of jQuery’s DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code.
Patches
This problem is patched in jQuery 3.5.0.
Workarounds
To workar…