Security Bulletin: WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is vulnerable to Clickjacking (CVE-2021-39038)

Summary IBM WebSphere Application Server is vulnerable to clickjacking when REST API discovery is configured through the WebSphere administrative console Web Container settings to enable the API Discovery service, or through IBM WebSphere Application Server Liberty features mpOpenAPI-1.0,...

CVE-2021-25087

The Download Manager WordPress plugin before 3.2.35 does not have any authorisation checks in some of the REST API endpoints, allowing unauthenticated attackers to call them, which could lead to sensitive information disclosure, such as posts passwords fixed in 3.2.24 and files Master Keys fixed ...

Information disclosure

The Download Manager WordPress plugin before 3.2.35 does not have any authorisation checks in some of the REST API endpoints, allowing unauthenticated attackers to call them, which could lead to sensitive information disclosure, such as posts passwords fixed in 3.2.24 and files Master Keys fixed ...

CVE-2021-25087 Wordpress Download Manager < 3.2.25 - Sensitive Information Disclosure

The Download Manager WordPress plugin before 3.2.35 does not have any authorisation checks in some of the REST API endpoints, allowing unauthenticated attackers to call them, which could lead to sensitive information disclosure, such as posts passwords fixed in 3.2.24 and files Master Keys fixed ...

CVE-2021-25087

The CVE-2021-25087 entry covers the WordPress Download Manager plugin prior to version 3.2.35, which suffers from missing authorization checks on certain REST API endpoints. This enables unauthenticated callers to access endpoints and potentially disclose sensitive information (e.g., post passwor...

WordPress Rest Routes – Custom Endpoints for WP REST API plugin <= 4.23.0 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Rest Routes – Custom Endpoints for WP REST API plugin versions = 4.23.0. Solution Update the WordPress Rest Routes – Custom Endpoints for WP REST API plugin to the latest available version at least 4.24.0...

WordPress Rest Routes – Custom Endpoints for WP REST API plugin <= 4.23.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Rest Routes – Custom Endpoints for WP REST API plugin versions = 4.23.0. Solution Update the WordPress Rest Routes – Custom Endpoints for WP REST API plugin to the latest available version at least...

IBM Sterling External Authentication Server 路径遍历漏洞

IBM Sterling External Authentication Server is a client application used to implement extended authentication and validation services for IBM products. IBM Sterling External Authentication Server path traversal vulnerability, which stems from a failure to properly validate RESTAPI configuration...

WooCommerce < 6.2.1 - Subscriber+ Arbitrary Comment Deletion

The plugin does not have proper authorisation check when deleting reviews, which could allow any authenticated users, such as subscriber to delete arbitrary comment PoC Log in as any user with privileges as low as Subscriber...

CVE-2022-22349

IBM Sterling External Authentication Server 3.4.3.2, 6.0.2.0, and 6.0.3.0 is vulnerable to path traversals, due to not properly validating RESTAPI configuration data. An authorized user could import invalid data which could be used for an attack. IBM X-Force ID: 220144...

com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9), com.qasymphony.ci.jenkins:qtest (>=1.3.0 <=1.4.6) +16 more potentially affected by CVE-2022-25178 via org.jenkins-ci.plugins.workflow:workflow-cps-global-lib (>=0.1-beta-5 <=2.17)

org.jenkins-ci.plugins.workflow:workflow-cps-global-lib MAVEN version =0.1-beta-5, =1.9.2-beta, =1.3.0, =1.0, =1.0, =1.0, =0.1-beta-5, =1.12.1, =2.2, =1.0.4, =0.1, =1.0, =2.3, =1.0, =1.5 and more Source cves: CVE-2022-25178 Source advisory: OSV:GHSA-5HFV-MG5X-MV32...

CVE-2021-46249

An authorization bypass exploited by a user-controlled key in SpecificApps REST API in ScratchOAuth2 before commit d856dc704b2504cd3b92cf089fdd366dd40775d6 allows app owners to set flags that indicate whether an app is verified on their own apps...

CVE-2021-46249

An authorization bypass exploited by a user-controlled key in SpecificApps REST API in ScratchOAuth2 before commit d856dc704b2504cd3b92cf089fdd366dd40775d6 allows app owners to set flags that indicate whether an app is verified on their own apps...

CVE-2021-46249

An authorization bypass exploited by a user-controlled key in SpecificApps REST API in ScratchOAuth2 before commit d856dc704b2504cd3b92cf089fdd366dd40775d6 allows app owners to set flags that indicate whether an app is verified on their own apps...

Authorization

An authorization bypass exploited by a user-controlled key in SpecificApps REST API in ScratchOAuth2 before commit d856dc704b2504cd3b92cf089fdd366dd40775d6 allows app owners to set flags that indicate whether an app is verified on their own apps...

CVE-2021-46249

The CVE-2021-46249 issue is an authorization bypass in ScratchOAuth2’s SpecificApps REST API that can be exploited via a user-controlled key to let app owners set flags indicating an app is verified. Root cause: API-level authorization bypass enabling modification of verification status without p...

CVE-2021-46249

An authorization bypass exploited by a user-controlled key in SpecificApps REST API in ScratchOAuth2 before commit d856dc704b2504cd3b92cf089fdd366dd40775d6 allows app owners to set flags that indicate whether an app is verified on their own apps...

GHSA-G622-R636-QFQH SQL Injection in Couchbase Sync Gateway

The Couchbase Sync Gateway 2.1.2 in combination with a Couchbase Server is affected by a previously undisclosed N1QL-injection vulnerability in the REST API. An attacker with access to the public REST API can insert additional N1QL statements through the parameters ?startkey? and ?endkey? of the...

SQL Injection in Couchbase Sync Gateway

The Couchbase Sync Gateway 2.1.2 in combination with a Couchbase Server is affected by a previously undisclosed N1QL-injection vulnerability in the REST API. An attacker with access to the public REST API can insert additional N1QL statements through the parameters ?startkey? and ?endkey? of the...

Improper Authentication

etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 is vulnerable to an improper authentication issue when role-based access control RBAC is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Name CN which matches a valid RBAC username, a remote...