CVE-2022-26833

The CVE-2022-26833 issue affects Open Automation Software OAS Platform V16.00.0121. A vulnerability in the REST API allows unauthenticated use via a crafted sequence of HTTP requests, stemming from improper authentication. Consequences cited in the sources include unauthenticated access to the RE...

Open Automation Software OAS Platform REST API unauthenticated vulnerability

Summary An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to unauthenticated use of the REST API. An attacker can send a series of HTTP requests to trigger this...

Lack of type validation in agent related REST API in Jenkins

Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not validate the type of object created after loading the data submitted to the config.xml REST API endpoint of a node. This allows attackers with Computer/Configure permission to replace a node with one of a different type. Jenkins 2.287, L...

Arbitrary file existence check in file fingerprints in Jenkins

Jenkins provides a feature for jobs to store and track fingerprints of files used during a build. Jenkins 2.274 and earlier, LTS 2.263.1 and earlier provides a REST API to check where a given fingerprint was used by which builds. This endpoint does not fully validate that the provided fingerprint...

mongo-rest-api (=0.1.0), pine-ql (>=0.1.0 <=0.5.4) potentially affected by CVE-2020-28272 via keyget (=1.0.1)

keyget NPM version =1.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on keyget and may be impacted: - mongo-rest-api =0.1.0 - pine-ql =0.1.0, =0.5.4 Source cves: CVE-2020-28272 Source advisory: OSV:GHSA-8MP8-28XH-R486...

GHSA-39RW-4M66-82GF Magento incorrect user permissions vulnerability within the Inventory component

Magento version 2.4.0 and 2.3.5p1 and earlier are affected by an incorrect user permissions vulnerability within the Inventory component. This vulnerability could be abused by authenticated users with Inventory and Source permissions to make unauthorized changes to inventory source data via the...

GHSA-HVF5-4JR9-FGHH Magento incorrect permissions vulnerability in the Integrations component

Magento version 2.4.0 and 2.3.5p1 and earlier are affected by an incorrect permissions vulnerability in the Integrations component. This vulnerability could be abused by authenticated users with permissions to the Resource Access API to delete customer details via the REST API without authorizati...

GHSA-RWF7-652F-76MV Magento 2 Community Edition vulnerable to Improper Authorization

Magento version 2.4.0 and 2.3.5p1 and earlier are affected by an incorrect permissions vulnerability within the Integrations component. This vulnerability could be abused by users with permissions to the Pages resource to delete cms pages via the REST API without authorization...

Magento 2 Community Edition vulnerable to Improper Authorization

Magento version 2.4.0 and 2.3.5p1 and earlier are affected by an incorrect permissions vulnerability within the Integrations component. This vulnerability could be abused by users with permissions to the Pages resource to delete cms pages via the REST API without authorization...

Magento incorrect user permissions vulnerability within the Inventory component

Magento version 2.4.0 and 2.3.5p1 and earlier are affected by an incorrect user permissions vulnerability within the Inventory component. This vulnerability could be abused by authenticated users with Inventory and Source permissions to make unauthorized changes to inventory source data via the...

Magento incorrect permissions vulnerability in the Integrations component

Magento version 2.4.0 and 2.3.5p1 and earlier are affected by an incorrect permissions vulnerability in the Integrations component. This vulnerability could be abused by authenticated users with permissions to the Resource Access API to delete customer details via the REST API without authorizati...

GHSA-R345-X8HR-2R9P acf-to-rest-api plugin insecure direct object reference (IDOR) via permalink manipulation

An issue was discovered in the acf-to-rest-api plugin through 3.1.0 for WordPress. It allows an insecure direct object reference via permalinks manipulation, as demonstrated by a wp-json/acf/v3/options/ request that reads sensitive information in the wpoptions table, such as the login and pass...

acf-to-rest-api plugin insecure direct object reference (IDOR) via permalink manipulation

An issue was discovered in the acf-to-rest-api plugin through 3.1.0 for WordPress. It allows an insecure direct object reference via permalinks manipulation, as demonstrated by a wp-json/acf/v3/options/ request that reads sensitive information in the wpoptions table, such as the login and pass...

Jenkins REST APIs vulnerable to clickjacking

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier does not serve the X-Frame-Options: deny HTTP header on REST API responses to protect against clickjacking attacks. An attacker could exploit this by routing the victim through a specially crafted web page that embeds a REST API endpoint in an...

Plone Privilege Escallation

plone.restapi in Plone 5.2.0 through 5.2.1 allows users with a certain privilege level to escalate their privileges up to the highest level...

Keycloak Unauthenticated Access

A flaw was found in the Keycloak REST API before version 8.0.0, implemented in Keycloak before 7.0.1 where it would permit user access from a realm the user was not configured. An authenticated attacker with knowledge of a user id could use this flaw to access unauthorized information or to carry...

GHSA-2FHR-F6Q6-C4P2 Magento 2 Community Edition Access Control Bypass

An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially...

Magento 2 Community Edition Access Control Bypass

An access control bypass vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An unauthenticated user can bypass access controls via REST API calls to assign themselves to an arbitrary company, thereby gaining read access to potentially...

ManageEngine PAM360 REST API Restriction Bypass (CVE-2022-29081)

Binary data manageenginepam360cve-2022-29081.nbin...

WordPress School Management Pro premium plugin < 9.9.7 - Unauthenticated Remote Code Execution (RCE) via REST API

Unauthenticated Remote Code Execution RCE via REST API discovered by Jetpack Scan Team and WordPress elevated support team in WordPress School Management Pro premium plugin versions 9.9.7. Solution Update the WordPress School Management Pro premium plugin to the latest available version at least...