4 matches found
Malicious Package
Overview @t4i-cms-components/contact-card is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...
CVE-2024-38369
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The content of a document included using include reference="targetdocument"/ is executed with the right of the includer and not with the right of its author. This means that any user able to...
XWiki programming rights may be inherited by inclusion
Impact The content of a document included using include reference="targetdocument"/ is executed with the right of the includer and not with the right of its author. This means that any user able to modify the target document can impersonate the author of the content which used the include macro...
Money Laundering Via Author Impersonation on Amazon?
Patrick Reames had no idea why Amazon.com sent him a 1099 form saying he'd made almost $24,000 selling books via Createspace, the company's on-demand publishing arm. That is, until he searched the site for his name and discovered someone has been using it to peddle a $555 book that's full of...