
508 matches found

Github Security Blog
added 2024/05/02 6:30 p.m. · 33 views

pgAdmin is affected by a multi-factor authentication bypass vulnerability

pgAdmin <= 8.5 is affected by a multi-factor authentication bypass vulnerability. This vulnerability allows an attacker with knowledge of a legitimate account’s username and password to authenticate to the application and perform sensitive actions within the application, such as managing files an...

CVSS 8.8 · AI score 7.7 · EPSS 0.00629
Exploits 0 · References 5 · Affected Software 1
Github Security Blog
added 2024/05/02 6:30 p.m. · 34 views

pgAdmin Cross-site Scripting vulnerability in /settings/store API response json payload

pgAdmin <= 8.5 is affected by an XSS vulnerability in the /settings/store API response JSON payload. This vulnerability allows attackers to execute malicious script at the client end...

CVSS 7.4 · AI score 7 · EPSS 0.00461
Exploits 1 · References 5 · Affected Software 1
OSV
added 2024/05/02 6:30 p.m. · 29 views

GHSA-XV64-8P4R-94GQ pgAdmin Cross-site Scripting vulnerability in /settings/store API response json payload

pgAdmin <= 8.5 is affected by an XSS vulnerability in the /settings/store API response JSON payload. This vulnerability allows attackers to execute malicious script at the client end...

CVSS 7.4 · AI score 7 · EPSS 0.00461
Exploits 1 · References 5
OSV
added 2024/05/02 6:30 p.m. · 39 views

GHSA-2MVC-557G-5638 pgAdmin is affected by a multi-factor authentication bypass vulnerability

pgAdmin <= 8.5 is affected by a multi-factor authentication bypass vulnerability. This vulnerability allows an attacker with knowledge of a legitimate account’s username and password to authenticate to the application and perform sensitive actions within the application, such as managing files an...

CVSS 7.4 · AI score 7.7 · EPSS 0.00629
Exploits 0 · References 5
NVD
added 2024/05/02 6:15 p.m. · 22 views

CVE-2024-4216

pgAdmin <= 8.5 is affected by an XSS vulnerability in the /settings/store API response JSON payload. This vulnerability allows attackers to execute malicious script at the client end...

CVSS 7.4 · AI score 7.2 · EPSS 0.00461
Exploits 1 · References 2
NVD
added 2024/05/02 6:15 p.m. · 16 views

CVE-2024-4215

pgAdmin <= 8.5 is affected by a multi-factor authentication bypass vulnerability. This vulnerability allows an attacker with knowledge of a legitimate account’s username and password to authenticate to the application and perform sensitive actions within the application, such as managing files an...

CVSS 8.8 · AI score 7.8 · EPSS 0.00629
Exploits 0 · References 2
OSV
added 2024/05/02 6:15 p.m. · 5 views

CVE-2024-4216

pgAdmin <= 8.5 is affected by an XSS vulnerability in the /settings/store API response JSON payload. This vulnerability allows attackers to execute malicious script at the client end...

CVSS 5.4 · AI score 7
Exploits 0 · References 2
OSV
added 2024/05/02 6:15 p.m. · 2 views

CVE-2024-4215

pgAdmin <= 8.5 is affected by a multi-factor authentication bypass vulnerability. This vulnerability allows an attacker with knowledge of a legitimate account’s username and password to authenticate to the application and perform sensitive actions within the application, such as managing files an...

CVSS 8.8 · AI score 7.8
Exploits 0 · References 2
Vulnrichment
added 2024/05/02 5:42 p.m. · 27 views

CVE-2024-4216 XSS vulnerability in /settings/store API response json payload in pgAdmin 4

pgAdmin <= 8.5 is affected by an XSS vulnerability in the /settings/store API response JSON payload. This vulnerability allows attackers to execute malicious script at the client end...

CVSS 7.4 · AI score 6.1 · EPSS 0.00461
Exploits 1 · References 2
CVE
added 2024/05/02 5:42 p.m. · 109 views

CVE-2024-4216

CVE-2024-4216 affects pgAdmin <= 8.5 with an XSS in the /settings/store API response JSON payload, allowing an attacker to execute malicious script on the client side. The vulnerability is described with CVSS metrics indicating a remotely exploitable issue with low user interaction in the NVD ...

CVSS 7.4 · AI score 7.1 · EPSS 0.00461
Exploits 1 · References 2 · Affected Software 1
Cvelist
added 2024/05/02 5:42 p.m. · 28 views

CVE-2024-4216 XSS vulnerability in /settings/store API response json payload in pgAdmin 4

pgAdmin <= 8.5 is affected by an XSS vulnerability in the /settings/store API response JSON payload. This vulnerability allows attackers to execute malicious script at the client end...

CVSS 7.4 · AI score 7.3 · EPSS 0.00461
Exploits 1 · References 2
Vulnrichment
added 2024/05/02 5:42 p.m. · 24 views

CVE-2024-4215 The Multi Factor Authentication bypass vulnerability in pgAdmin 4

pgAdmin <= 8.5 is affected by a multi-factor authentication bypass vulnerability. This vulnerability allows an attacker with knowledge of a legitimate account’s username and password to authenticate to the application and perform sensitive actions within the application, such as managing files an...

CVSS 7.4 · AI score 7.5 · EPSS 0.00629
Exploits 0 · References 2
CVE
added 2024/05/02 5:42 p.m. · 85 views

CVE-2024-4215

CVE-2024-4215 concerns pgAdmin4. Affected: pgadmin4 (ld

CVSS 8.8 · AI score 7.7 · EPSS 0.00629
Exploits 0 · References 2 · Affected Software 2
Cvelist
added 2024/05/02 5:42 p.m. · 29 views

CVE-2024-4215 The Multi Factor Authentication bypass vulnerability in pgAdmin 4

pgAdmin <= 8.5 is affected by a multi-factor authentication bypass vulnerability. This vulnerability allows an attacker with knowledge of a legitimate account’s username and password to authenticate to the application and perform sensitive actions within the application, such as managing files an...

CVSS 7.4 · AI score 8 · EPSS 0.00629
Exploits 0 · References 2
CNNVD
added 2024/05/02 12:00 a.m. · 3 views

pgAdmin cross-site scripting vulnerability

pgAdmin is an open source management and development platform for the open source database PostgreSQL. A cross-site scripting vulnerability exists in pgAdmin 8.5 and earlier versions, which stems from a cross-site scripting vulnerability in the /settings/store endpoint that responds to a json loa...

CVSS 7.4 · AI score 6.1 · EPSS 0.00461
Exploits 1 · References 4
CNNVD
added 2024/05/02 12:00 a.m. · 3 views

pgAdmin security vulnerability

pgAdmin is an open source administration and development platform for the open source database PostgreSQL. A security vulnerability exists in pgAdmin version 8.5 and prior versions that originated from a vulnerability that allows an attacker who knows the username and password of a legitimate...

CVSS 8.8 · AI score 7.6 · EPSS 0.00629
Exploits 0 · References 3
Positive Technologies
added 2024/05/02 12:00 a.m. · 3 views

PT-2024-9759 · Pgadmin +2

Name of the Vulnerable Software and Affected Versions: pgAdmin versions <= 8.5. Description: The issue exists due to the incorrect implementation of multi-factor authentication in the pgAdmin database management tool. This allows a remote attacker to gain unauthorized access to the application and...

CVSS 8.8 · AI score 7.9 · EPSS 0.80069
Exploits 1 · References 29
Tenable Nessus
added 2024/04/29 12:00 a.m. · 24 views

Fedora 40 : pgadmin4 / python-jsonformatter (2024-15df3b6d95)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-15df3b6d95 advisory. Update to pgadmin4-8.4. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

CVSS 9.9 · AI score 8.3 · EPSS 0.79326
Exploits 4 · References 2
Tenable Nessus
added 2024/04/23 12:00 a.m. · 23 views

Fedora 39 : pgadmin4 (2024-f04c2ec90b)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-f04c2ec90b advisory. Backport fix for CVE-2024-3116. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

CVSS 9.8 · AI score 7.6 · EPSS 0.64846
Exploits 5 · References 2
Rapid7 Blog
added 2024/04/19 6:42 p.m. · 57 views

Metasploit Weekly Wrap-Up 04/19/24

Welcome Ryan and the new CrushFTP module. It's not every week we add an awesome new exploit module to the Framework while adding the original discoverer of the vulnerability to the Rapid7 team as well. We're very excited to welcome Ryan Emmons to the Emergent Threat Response team, which works...

CVSS 7.5 · AI score 9.8 · EPSS 0.81801
Exploits 13