
7716 matches found

Schneier on Security
added 2022/01/14 6:02 p.m., 17 views

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m giving an online-only talk on “Securing a World of Physically Capable Computers” as part of Teleport’s Security Visionaries 2022 series, on January 18, 2022. I’m speaking at IT-S Now 2022 in Vienna on June 2, 2022. I’m speaking...

AI score 2.5
Exploits 0
Openbugbounty
added 2022/01/13 1:46 p.m., 10 views

blog.mercy.com Cross Site Scripting vulnerability OBB-2333444

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.2
Exploits 0
CNNVD
added 2022/01/13 12:00 a.m., 3 views

Halo cross-site scripting vulnerability

Halo is a personal blogging system for individual developers. Halo suffers from a cross-site scripting vulnerability, which stems from the lack of proper validation of client-side data in the WEB application, and can be exploited by an attacker to execute client-side code...

CVSS 4.8, AI score 5.3, EPSS 0.00828
Exploits 1, References 4
Openbugbounty
added 2022/01/11 6:06 p.m., 9 views

blog.barre3.com Cross Site Scripting vulnerability OBB-2331068

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.2
Exploits 0
Prion
added 2022/01/10 4:15 p.m., 12 views

Cross site request forgery (CSRF)

The PublishPress Capabilities WordPress plugin before 2.3.1, PublishPress Capabilities Pro WordPress plugin before 2.3.1 does not have authorisation and CSRF checks when updating the plugin's settings via the init hook, and does not ensure that the options to be updated belong to the plugin. As a...

CVSS 7.5, AI score 9.5, EPSS 0.06745
Exploits 2, References 2, Affected Software 1
ATTACKERKB
added 2022/01/10 12:00 a.m., 136 views

CVE-2021-25032

The PublishPress Capabilities WordPress plugin before 2.3.1, PublishPress Capabilities Pro WordPress plugin before 2.3.1 does not have authorisation and CSRF checks when updating the plugin’s settings via the init hook, and does not ensure that the options to be updated belong to the plugin. As a...

CVSS 9.8, AI score 9.5, EPSS 0.06745
In wild, Exploits 2, References 3
CVE
added 2022/01/10 12:00 a.m., 197 views

CVE-2021-25032

The CVE concerns the WordPress plugins PublishPress Capabilities and PublishPress Capabilities Pro (versions before 2.3.1). The issue stems from missing authorization and CSRF checks when updating plugin settings via the init hook, and failure to validate that updated options belong to the plugin...

CVSS 9.8, AI score 9.5, EPSS 0.06745
In wild, Exploits 2, References 2, Affected Software 1
ThreatPost
added 2022/01/04 10:49 p.m., 111 views

Microsoft Sees Rampant Log4j Exploit Attempts, Testing

No surprise here: The holidays brought no Log4Shell relief. Threat actors vigorously launched exploit attempts and testing during the last weeks of December, Microsoft said on Monday, in the latest update to its landing page and guidance around the flaws in Apache’s Log4j logging library. “We have...

CVSS 10, AI score 10, EPSS 0.99999
Exploits 352, References 22
Patchstack
added 2022/01/03 12:00 a.m., 7 views

WordPress TrustMate.io – integracja z WooCommerce plugin <= 1.7.0 - Arbitrary Blog Option Update vulnerability

Arbitrary Blog Option Update vulnerability discovered by WPScanTeam in WordPress TrustMate.io – integracja z WooCommerce plugin versions <= 1.7.0. Solution: Update the WordPress TrustMate.io – integracja z WooCommerce plugin to the latest available version, at least 1.7.1...

AI score 3.7
Exploits 0, References 2, Affected Software 1
Trend Micro Simply Security
added 2021/12/29 12:00 a.m., 16 views

Top 5 DevOps Resource Center Articles of 2021

We look back on the 5 most popular DevOps Resource Center articles in 2021 to help you build at your best in 2022...

AI score 6.9
Exploits 0
ICS
added 2021/12/23 12:00 p.m., 66 views

Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

Summary: The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), the Computer Emergency Response Team New Zealand (CERT NZ), the New Zealand...

CVSS 10, AI score 10, EPSS 0.99999
Exploits 351, References 88
OSV
added 2021/12/22 11:15 p.m., 1 view

CVE-2020-20605

Blog CMS v1.0 contains a cross-site scripting (XSS) vulnerability in the /controller/CommentAdminController.java component...

CVSS 6.1, AI score 5.7, EPSS 0.00652
Exploits 1, References 1
NVD
added 2021/12/22 11:15 p.m., 11 views

CVE-2020-20605

Blog CMS v1.0 contains a cross-site scripting (XSS) vulnerability in the /controller/CommentAdminController.java component...

CVSS 6.1, EPSS 0.00652
Exploits 1, References 1
Prion
added 2021/12/22 11:15 p.m., 13 views

Cross site scripting

Blog CMS v1.0 contains a cross-site scripting (XSS) vulnerability in the /controller/CommentAdminController.java component...

CVSS 4.3, AI score 6, EPSS 0.00652
Exploits 1, References 1, Affected Software 1
GithubExploit
added 2021/12/22 10:44 p.m., 504 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Apache-Log4j-POC CVE-2021-44228 Proof of Concept of apache log...

CVSS 10, AI score 9.4, EPSS 0.99999
Exploits 347
CVE
added 2021/12/22 10:43 p.m., 36 views

CVE-2020-20605

CVE-2020-20605 affects Blog CMS v1.0, with a cross-site scripting (XSS) vulnerability in the /controller/CommentAdminController.java component. The vulnerability is corroborated across multiple sources (NVD/NVD-derived and related feeds) and targets a PHP/MySQL BlogCMS; key impact details indicat...

CVSS 6.1, AI score 5.9, EPSS 0.00652
Exploits 1, References 1, Affected Software 1
Cvelist
added 2021/12/22 10:43 p.m., 11 views

CVE-2020-20605

Blog CMS v1.0 contains a cross-site scripting (XSS) vulnerability in the /controller/CommentAdminController.java component...

AI score 6, EPSS 0.00652
Exploits 1, References 1
WPVulnDB
added 2021/12/21 12:00 a.m., 6 views

Shortcode Addons < 3.1.0 - Unauthenticated Arbitrary Option Update

The plugin does not have any authorisation in its REST API endpoints; one of them could allow unauthenticated attackers to update arbitrary blog options. PoC: POST /wp-json/ShortCodeAddonsUltimate/v2/addonssettings HTTP/1.1 Accept: / Accept-Language: en-GB,en;q=0.5 Accept-Encoding: gzip, deflate...

AI score 3.3
Exploits 0, Affected Software 1
WPVulnDB
added 2021/12/20 12:00 a.m., 15 views

Tabs < 3.6.0 - Unauthenticated Arbitrary Option Update

The plugin does not have any authorisation in its REST API endpoints; one of them could allow unauthenticated attackers to update arbitrary blog options. PoC...

AI score 4.9
Exploits 0, References 2, Affected Software 1
Talos Blog
added 2021/12/16 11:26 a.m., 14 views

Threat Source Newsletter (Dec. 16, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. I'm just going to cut to the chase since I know all anyone wants to read about is Log4J. For the latest Talos research, continually check back on our blog post here. Above is the live stream we recorded Monday morning... This is on...

AI score 3.8
Exploits 0