Server-Side Request Forgery (SSRF)
Apache Kylin is vulnerable to privilege escalation. The vulnerability exists due to the lack of validation of the host name via the request mappings in StreamingCoordinatorController.java handling /kylin/api/streamingcoordinator/ REST API endpoints allowing an attacker to issue arbitrary requests...
Improper Authorization in Keycloak
An incorrect authorization flaw was found in Keycloak 12.0.0. The flaw allows an attacker with any existing user account to create new default user accounts via the administrative REST API even where new user registration is disabled...
CVE-2021-27738
All request mappings in StreamingCoordinatorController.java handling /kylin/api/streamingcoordinator/ REST API endpoints did not include any security checks, which allowed an unauthenticated user to issue arbitrary requests, such as assigning/unassigning of streaming cubes, creation/modification...
CVE-2021-27738
CVE-2021-27738 concerns Apache Kylin prior to 3.1.2 where all request mappings in StreamingCoordinatorController.java under /kylin/api/streaming_coordinator/* lacked input validation and security checks. This enables unauthenticated users to issue arbitrary requests (e.g., assigning/unassigning s...
PT-2022-11382 · Red Hat · Keycloak
Name of the Vulnerable Software and Affected Versions: Keycloak versions 12.0.0 through 15.1.1. Description: A flaw was found in Keycloak that allows an attacker with any existing user account to create new default user accounts via the administrative REST API, even when new user registration is...
Information Disclosure
MediaWiki is vulnerable to information disclosure. The vulnerability exists because the REST API incorrectly caches autocomplete search results from private wikis in a public cache...
WordPress WP Guppy Plugin Information Disclosure Vulnerability
WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WordPress WP Guppy Plugin prior to version 1.3 is vulnerable to an information disclosure vulnerability tha...
CVE-2021-24997
The WP Guppy WordPress plugin before 1.3 does not have any authorisation in some of the REST API endpoints, allowing any user to call them and could lead to sensitive information disclosure, such as usernames and chats between users, as well as be able to send messages as an arbitrary user...
CVE-2021-24997
The CVE-2021-24997 entry concerns the WordPress WP Guppy plugin (versions before 1.3). The issue is a lack of authorization in certain REST API endpoints, enabling any user to call endpoints and potentially disclose sensitive information (e.g., usernames, user chats) and to send messages as anoth...
Explanation of what the Java API is: Types and Examples
When two of the most viable and essential parts of application/software development come together, programmers gain unmatched functionality. The Java API (Application Programming Interface) is the perfect example of how to attain this. Acknowledged as a crucial entity for internal and open...
Shortcode Addons < 3.1.0 - Unauthenticated Arbitrary Option Update
The plugin does not have any authorisation checks in its REST API endpoints, one of which could allow unauthenticated attackers to update arbitrary blog options. PoC: POST /wp-json/ShortCodeAddonsUltimate/v2/addonssettings HTTP/1.1 Accept: / Accept-Language: en-GB,en;q=0.5 Accept-Encoding: gzip, deflate...
Tabs < 3.6.0 - Unauthenticated Arbitrary Option Update
The plugin does not have any authorisation checks in its REST API endpoints, one of which could allow unauthenticated attackers to update arbitrary blog options. PoC...
MGASA-2021-0568 Updated mediawiki packages fix security vulnerabilities
Updated mediawiki packages fix security vulnerabilities: == Security fixes == T292763. CVE-2021-44854 REST API incorrectly publicly caches autocomplete search results from private wikis. T271037, CVE-2021-44856 Title blocked in AbuseFilter can be created via Special:ChangeContentModel. T297322,...
CVE-2021-4133
A flaw was found in Keycloak versions from 12.0.0 and before 15.1.1 which allows an attacker with any existing user account to create new default user accounts via the administrative REST API even when new user registration is disabled. Mitigation: Access to the user-creation functionality in the...
Image Hover Effects Ultimate < 9.7.0 - Unauthenticated Arbitrary Option Update
The plugin does not have any authorisation checks in its REST API endpoints, one of which could allow unauthenticated attackers to update arbitrary blog options. The original report mentioned the issue being fixed in 9.6.2; however, it was still possible for attackers to exploit it, and proper remediation h...
CVE-2021-41242
OpenOlat is a web-based learning management system. A path traversal vulnerability exists in OpenOlat prior to versions 15.5.12 and 16.0.5. By providing a filename that contains a relative path as a parameter in some REST methods, it is possible to create directory structures and write files...
CVE-2021-41242
OpenOlat (a web-based LMS) has a path traversal vulnerability in its REST methods that allows an attacker with a user account, when the REST API is enabled, to craft a filename containing a relative path, enabling write access to files anywhere under the web root or beyond, depending on server configuration. Affec...