Monthly Archive: November 2020

MoinMoin is a wiki engine. In MoinMoin before version 1.9.11, an attacker with write permissions can upload an SVG file that contains malicious javascript. This javascript will be executed in a user’s browser when...

Azure DevOps Server and Team Foundation Services Spoofing Vulnerability Date published : 2020-11-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1325

Subrion CMS 4.2.1 has CSRF in panel/modules/plugins/. The attacker can remotely activate/deactivate the plugins. Date published : 2020-11-10 https://github.com/intelliants/subrion/commits/develop https://github.com/ngpentest007/CVE-2019-7357/blob/main/Subrion_4.2.1%20-%20CVE-2019-7357.pdf

This affects all versions of package json-ptr. The issue occurs in the set operation (https://flitbit.github.io/json-ptr/classes/_src_pointer_.jsonpointer.htmlset) when the force flag is set to true. The function recursively set the property in the target object, however...

SAP ERP and SAP S/4 HANA allows an authenticated user to see cost records to objects to which he has no authorization in PS reporting, leading to Missing Authorization check. Date published : 2020-11-10...

Dell Inspiron 15 7579 2-in-1 BIOS versions prior to 1.31.0 contain an Improper SMM communication buffer verification vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain...

IBM Content Navigator 3.0CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

IBM Content Navigator 3.0CD is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within...

IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, and 4.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 184157. Date published : 2020-11-10 https://www.ibm.com/support/pages/node/6365305...

The server in Dundas BI through 8.0.0.1001 allows XSS via addition of a Component (e.g., a button) when events such as click, hover, etc. occur. Date published : 2020-11-10 https://mattschmidt.net/2020/11/10/dundas-persistent-xss/

The server in Dundas BI through 8.0.0.1001 allows XSS via an HTML label when creating or editing a dashboard. Date published : 2020-11-10 https://mattschmidt.net/2020/11/10/dundas-persistent-xss/

Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there...

Prototype pollution vulnerability in ‘@strikeentco/set’ version 1.0.0 allows attacker to cause a denial of service and may lead to remote code execution. Date published : 2020-11-10 https://www.whitesourcesoftware.com/vulnerability-database/CVE-2020-28267 https://github.com/strikeentco/set/commit/102cc6b2e1d1e0c928ced87e75df759d5541ff60

A vulnerability in the TCL Android Smart TV series V8-R851T02-LF1 V295 and below and V8-T658T01-LF1 V373 and below by TCL Technology Group Corporation allows a local unprivileged attacker, such as a malicious App, to...