7 matches found
Vikunja has SSRF via Todoist/Trello Migration File Attachment URLs that Allows Reading Internal Network Resources
Summary: The migration helper functions DownloadFile and DownloadFileWithHeaders in pkg/modules/migration/helpers.go make arbitrary HTTP GET requests without any SSRF protection. When a user triggers a Todoist or Trello migration, file attachment URLs from the third-party API response are passed...
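The pattern in the Vikunja entry (a server fetching URLs it received inside a third-party API response) is the same one behind most SSRF fixes: validate the destination before the GET, and re-validate on every connection so redirects and DNS rebinding cannot route around the first check. The block below is an added example written for this page, not Vikunja's code or a patch for it; the function names (validateAttachmentURL, safeClient), the stub resolver in the usage, and the 203.0.113.0/24 documentation address standing in for a public host are all assumptions.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"net"
	"net/http"
	"net/url"
	"time"
)

// isDisallowedIP reports whether an address is one a server must never reach on
// behalf of untrusted input: loopback, link-local (this covers the 169.254.169.254
// cloud metadata endpoint), RFC 1918 / ULA private space, unspecified and multicast.
// net.IP.IsLoopback and IsPrivate unwrap IPv4-mapped IPv6 (::ffff:127.0.0.1) for us.
func isDisallowedIP(ip net.IP) bool {
	return ip.IsLoopback() || ip.IsLinkLocalUnicast() || ip.IsLinkLocalMulticast() ||
		ip.IsInterfaceLocalMulticast() || ip.IsPrivate() || ip.IsUnspecified() || ip.IsMulticast()
}

// resolveAllowed parses host as an IP literal or resolves it with lookup, and returns
// the addresses only if every one of them is public. A mixed answer is rejected so an
// attacker-controlled name cannot hide an internal A record behind a public one.
func resolveAllowed(host string, lookup func(string) ([]net.IP, error)) ([]net.IP, error) {
	var ips []net.IP
	if ip := net.ParseIP(host); ip != nil {
		ips = []net.IP{ip}
	} else {
		var err error
		if ips, err = lookup(host); err != nil {
			return nil, err
		}
	}
	if len(ips) == 0 {
		return nil, fmt.Errorf("ssrf guard: %q resolved to no addresses", host)
	}
	for _, ip := range ips {
		if isDisallowedIP(ip) {
			return nil, fmt.Errorf("ssrf guard: %q resolves to disallowed address %s", host, ip)
		}
	}
	return ips, nil
}

// validateAttachmentURL accepts only absolute http(s) URLs without embedded credentials
// whose host resolves exclusively to public addresses. This is the pre-request check
// the advisory says the migration download helpers lack. (Hypothetical name.)
func validateAttachmentURL(raw string, lookup func(string) ([]net.IP, error)) (*url.URL, error) {
	u, err := url.Parse(raw)
	if err != nil {
		return nil, err
	}
	if u.Scheme != "http" && u.Scheme != "https" {
		return nil, fmt.Errorf("ssrf guard: scheme %q not allowed", u.Scheme)
	}
	if u.User != nil {
		return nil, errors.New("ssrf guard: credentials in URL not allowed")
	}
	if u.Hostname() == "" {
		return nil, errors.New("ssrf guard: empty host")
	}
	if _, err := resolveAllowed(u.Hostname(), lookup); err != nil {
		return nil, err
	}
	return u, nil
}

// safeClient returns an http.Client whose dialer re-resolves and re-checks every
// connection, so a redirect or a DNS answer that changes between the pre-check and
// the connect cannot reach an internal address. The socket is opened to the vetted
// IP; http.Transport still performs TLS with the original host name. (Hypothetical name.)
func safeClient(lookup func(string) ([]net.IP, error)) *http.Client {
	dialer := &net.Dialer{Timeout: 10 * time.Second}
	transport := &http.Transport{
		DialContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
			host, port, err := net.SplitHostPort(addr)
			if err != nil {
				return nil, err
			}
			ips, err := resolveAllowed(host, lookup)
			if err != nil {
				return nil, err
			}
			return dialer.DialContext(ctx, network, net.JoinHostPort(ips[0].String(), port))
		},
	}
	return &http.Client{
		Transport: transport,
		Timeout:   30 * time.Second,
		CheckRedirect: func(req *http.Request, via []*http.Request) error {
			if len(via) >= 5 {
				return errors.New("ssrf guard: too many redirects")
			}
			_, err := validateAttachmentURL(req.URL.String(), lookup)
			return err
		},
	}
}

func main() {
	// Constructed inputs: the first three are the kind of attachment URL an attacker
	// would plant in a migration payload; the last uses a documentation range as a
	// stand-in for a public file host.
	for _, raw := range []string{
		"http://169.254.169.254/latest/meta-data/",
		"http://[::ffff:127.0.0.1]:8080/",
		"file:///etc/passwd",
		"https://203.0.113.10/attachment.png",
	} {
		_, err := validateAttachmentURL(raw, net.LookupIP)
		fmt.Printf("%-42s -> %v\n", raw, err)
	}
}
```

The dialer is the part that matters most: a check that runs only once on the original URL is bypassed by a 302 to http://127.0.0.1 or by a hostname with a short TTL that flips to an internal address, whereas a check inside DialContext runs on the address that is actually connected to, for every hop.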
EUVD-2023-44240
Malicious code in bioql PyPI...
BIT-MATTERMOST-2023-3590
Mattermost fails to delete card attachments in Boards, allowing an attacker to access deleted attachments...
CVE-2023-3590
Mattermost fails to delete card attachments in Boards, allowing an attacker to access deleted attachments...
Code injection
Mattermost fails to delete card attachments in Boards, allowing an attacker to access deleted attachments...
CVE-2023-3590 Deleted attachments in Boards remain accessible
Mattermost fails to delete card attachments in Boards, allowing an attacker to access deleted attachments...
Trello: Malicious file can be hidden as Card Attachment or Card Cover image
You can upload infected JPEG files to a card. If a user clicks on the attachment image, the infected file will get downloaded instead of showing the image. On opening it, any sort of system calls can be run on the victim. Steps to Reproduce: 1. Navigate to https://trello.com/ 2. Click on the Tutoria...