CVE-2025-66075 WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent plugin <= 4.0.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through = 4.0.3...

EUVD-2022-1946

Malicious code in bioql PyPI...

Malicious code in consent-page (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-2018 Malicious code in consent-page (npm)

--- -= Per source details. Do not edit below this line.=-...

GHSA-292X-HJR8-226F Cloud Foundry UAA Privilege Escalation

Cloud Foundry UAA release, versions prior to v64.0, and UAA, versions prior to 4.23.0, contains a validation error which allows for privilege escalation. A remote authenticated user may modify the url and content of a consent page to gain a token with arbitrary scopes that escalates their...

OAuth Consent Phishing Ramps Up with Microsoft Office 365 Attacks

An APT known as TA2552 has been spotted using OAuth2 or other token-based authorization methods to access Office 365 accounts, in order to steal users’ contacts and mail. OAuth is an open standard for access delegation, commonly used as a way for people to sign into services without entering a...

Privilege Escalation

cloudfoundry-identity-server is vulnerable to privilege escalation attacks. The vulnerability exists due to an error in validation, allowing an authenticated user to gain an OAuth token with arbitrary scopes by modifying the url and content of the consent page...

Cloud Foundry UAA release and UAA elevation of privilege vulnerabilities

Both uaa-release and uaa are different versions of Cloud Foundry's authentication and management service endpoints. An elevation of privilege vulnerability exists in Cloud Foundry UAA release before 64.0 and UAA before 4.23.0. The vulnerability stems from an authentication error in both. An...

CVE-2018-15761

Cloud Foundry UAA release, versions prior to v64.0, and UAA, versions prior to 4.23.0, contains a validation error which allows for privilege escalation. A remote authenticated user may modify the url and content of a consent page to gain a token with arbitrary scopes that escalates their...

CVE-2018-15761 UAA Privilege Escalation

Cloud Foundry UAA release, versions prior to v64.0, and UAA, versions prior to 4.23.0, contains a validation error which allows for privilege escalation. A remote authenticated user may modify the url and content of a consent page to gain a token with arbitrary scopes that escalates their...

CVE-2018-15761: UAA Privilege Escalation | Cloud Foundry

Severity Critical Vendor Cloud Foundry Foundation Affected Cloud Foundry Products and Versions You are using uaa-release versions prior to v64.0 You are using uaa versions prior to 4.23.0 Description Cloud Foundry UAA, release versions prior to v64.0, contains a validation error which allows for...