491 matches found
CVE-2022-0983
An SQL injection risk was identified in Badges code relating to configuring criteria. Access to the relevant capability was limited to teachers and managers by default...
SQL injection
An SQL injection risk was identified in Badges code relating to configuring criteria. Access to the relevant capability was limited to teachers and managers by default...
UBUNTU-CVE-2022-0983
An SQL injection risk was identified in Badges code relating to configuring criteria. Access to the relevant capability was limited to teachers and managers by default...
CVE-2022-0983
CVE-2022-0983 describes an SQL injection in Moodle’s badges code for configuring criteria. The issue affects Moodle releases where the badges feature is present, with public sources noting the vulnerability in Moodle 3.9.x before 3.9.13, 3.10.x before 3.10.10, and 3.11.x before 3.11.6. The access...
The Digital Citizen’s Guide to Navigating Cyber Conflict
As security professionals, we are currently being bombarded with warnings and alerts of a heightened threat level due to the possibility that Russia will start to more aggressively leverage cyberattacks as part of their offensive. If you are feeling the pressure of getting everything done, check...
Moderate: Red Hat Security Advisory: libarchive security update
An update for libarchive is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
libarchive security update
An update is available for libarchive. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The libarchive programming library can create and read several different...
Multiple Security Flaws Discovered in Popular Software Package Managers
Multiple security vulnerabilities have been disclosed in popular package managers that, if potentially exploited, could be abused to run arbitrary code and access sensitive information, including source code and access tokens, from compromised machines. It's, however, worth noting that the flaws...
Trellix Global Defenders: Invasion of the Information Snatchers - Protecting against RedLine Infostealer
By Taylor Mullins · February 7, 2022. What information are you storing in your browsers? Storing credentials and other important information in web browsers is a helpful method to not have to...
CVE-2022-0333
A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The calendar:manageentries capability allowed managers to access or modify any calendar event, but should have been restricted from accessing user level events...
GHSA-C6RP-XVQV-MWMF Cross-site Scripting in epubjs
managers/views/iframe.js in FuturePress EPub.js before 0.3.89 allows XSS...
CVE-2021-33040
managers/views/iframe.js in FuturePress EPub.js before 0.3.89 allows XSS...
Cross site scripting
managers/views/iframe.js in FuturePress EPub.js before 0.3.89 allows XSS...
CVE-2021-33040
CVE-2021-33040 affects FuturePress EPub.js (prior to v0.3.89). The vulnerability is an XSS in managers/views/iframe.js due to insufficient escaping of user-submitted data. Used in the EPUB rendering library; impact is cross-site scripting. Public references indicate the fix is in v0.3.89 (upstream...
Threat Advisory: E-commerce Bots Use Domain Registration Services for Mass Account Fraud
While researching a recent large-scale bot campaign with CQ Prime Threat Research team lead, Dean Lendrum, we found attackers using domain parking and monetization services to register multiple domains, creating a large number of fake eCommerce accounts per domain. TL;DR: Analysis of...