10 matches found

Snyk
added 2026/04/03 3:46 a.m.

Permissive List of Allowed Inputs

Overview org.webjars.npm:dompurify is a DOM-only XSS sanitizer for HTML, MathML and SVG. Affected versions of this package are vulnerable to Permissive List of Allowed Inputs in the ADD_ATTR predicate function via EXTRA_ELEMENT_HANDLING.attributeCheck. An attacker can inject and execute malicious...

CVSS 6.1 · AI score 6
Exploits 0 · References 2
OSV
added 2026/04/03 3:46 a.m.

GHSA-CJMM-F4JC-QW8R DOMPurify ADD_ATTR predicate skips URI validation

Summary DOMPurify allows ADD_ATTR to be provided as a predicate function via EXTRA_ELEMENT_HANDLING.attributeCheck. When the predicate returns true, isValidAttribute short-circuits the attribute check before URI-safe validation runs. An attacker who supplies a predicate that accepts specific...

CVSS 5.3 · AI score 6
Exploits 0 · References 3
GitHub Security Blog
added 2026/04/03 3:46 a.m.

DOMPurify ADD_ATTR predicate skips URI validation

Summary DOMPurify allows ADD_ATTR to be provided as a predicate function via EXTRA_ELEMENT_HANDLING.attributeCheck. When the predicate returns true, isValidAttribute short-circuits the attribute check before URI-safe validation runs. An attacker who supplies a predicate that accepts specific...

AI score 5.9
Exploits 0 · References 3 · Affected Software 1
Cvelist
added 2026/04/02 12:37 p.m.

CVE-2026-3872 Keycloak: keycloak: information disclosure due to redirect_uri validation bypass

A flaw was found in Keycloak. This issue allows an attacker, who controls another path on the same web server, to bypass the allowed path in redirect Uniform Resource Identifiers (URIs) that use a wildcard. A successful attack may lead to the theft of an access token, resulting in information...

CVSS 7.3 · EPSS 0.0043
Exploits 0 · References 6
NVD
added 2024/11/20 3:15 p.m.

CVE-2024-52598

2FAuth is a web app to manage Two-Factor Authentication (2FA) accounts and generate their security codes. Two interconnected vulnerabilities exist in version 5.4.1: an SSRF and a URI validation bypass issue. The endpoint at POST /api/v1/twofaccounts/preview allows setting a remote URI to retrieve the...

CVSS 7.5 · EPSS 0.0058
Exploits 1 · References 1
Cvelist
added 2024/11/20 2:09 p.m.

CVE-2024-52598 2FAuth vulnerable to Server Side Request Forgery + URI validation bypass in 2fauth /api/v1/twofaccounts/preview

2FAuth is a web app to manage Two-Factor Authentication (2FA) accounts and generate their security codes. Two interconnected vulnerabilities exist in version 5.4.1: an SSRF and a URI validation bypass issue. The endpoint at POST /api/v1/twofaccounts/preview allows setting a remote URI to retrieve the...

CVSS 7.5 · EPSS 0.0058
Exploits 1 · References 1
Vulnrichment
added 2024/11/20 2:09 p.m.

CVE-2024-52598 2FAuth vulnerable to Server Side Request Forgery + URI validation bypass in 2fauth /api/v1/twofaccounts/preview

2FAuth is a web app to manage Two-Factor Authentication (2FA) accounts and generate their security codes. Two interconnected vulnerabilities exist in version 5.4.1: an SSRF and a URI validation bypass issue. The endpoint at POST /api/v1/twofaccounts/preview allows setting a remote URI to retrieve the...

CVSS 7.5 · AI score 8 · EPSS 0.0058
Exploits 1 · References 1
CVE
added 2024/11/20 2:09 p.m.

CVE-2024-52598

2FAuth 5.4.1 fixes a pair of issues: an SSRF vulnerability and a URI validation bypass in the POST /api/v1/twofaccounts/preview endpoint. An attacker can supply a remote URI; the app may perform a GET to that URL and, if the response appears as an image, store it on the server. The URI filter che...

CVSS 7.5 · AI score 7.8 · EPSS 0.0058
Exploits 1 · References 1 · Affected Software 1
Positive Technologies
added 2024/11/20 12:00 a.m.

PT-2024-35394 · 2Fauth · 2Fauth

Name of the Vulnerable Software and Affected Versions: 2FAuth version 5.4.1; 2FAuth versions prior to 5.4.1. Description: 2FAuth is a web application used to manage Two-Factor Authentication (2FA) accounts and generate their security codes. It contains two interconnected vulnerabilities: a Server-Sid...

CVSS 7.5 · AI score 6.8 · EPSS 0.0058
Exploits 1 · References 7
NVD
added 2023/02/01 12:15 a.m.

CVE-2023-23924

Dompdf is an HTML to PDF converter. The URI validation in dompdf 2.0.1 can be bypassed during SVG parsing by passing tags with uppercase letters. This may lead to arbitrary object unserialize on PHP 8 through the phar URL wrapper. An attacker can exploit the vulnerability to call an arbitrary URL with...

CVSS 10 · AI score 9.5 · EPSS 0.03572
Exploits 2 · References 3