4948 matches found
GHSA-23R4-5MXP-C7G5 parse-server new anonymous user session acts as if it's created with password
Impact: Developers that use the REST API to sign up users and also allow users to log in anonymously. When an anonymous user is first signed up using REST, the server creates the session incorrectly; in particular, the authProvider field in the Session class under createdWith shows the user logged in creating...
OMGF < 4.5.4 - Unauthenticated Path Traversal in REST API
The plugin does not escape or validate the handle parameter of the REST API, which allows unauthenticated users to perform path traversal and overwrite arbitrary CSS file with Google Fonts CSS, or download fonts uploaded on Google Fonts website. PoC: Access the URL below as unauthenticated...
Design/Logic Flaw
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Developers can use the REST API to sign up users and also allow users to log in anonymously. Prior to version 4.5.1, when an anonymous user is first signed up using REST, the server creates sessi...
VMware Workspace ONE UEM console patches address a denial of service vulnerability (CVE-2021-22029)
3. Advisory Details VMware Workspace ONE UEM REST API contains a denial of service vulnerability. VMware has evaluated this issue to be of 'Moderate' severity with a maximum CVSSv3 base score of 5.3...
WP Cerber Security < 8.9.3 - Rest-API Protection Bypass
The /wp-json REST API endpoint is by default blocked by WP Cerber from accessing its information. However, by appending a ?, the access control list protections are bypassed and data can then be retrieved from it...
CVE-2021-39138
Parse Server prior to v4.5.1 incorrectly classifies anonymous sessions as password-created when first signing up via REST, due to the createdWith value in _Session. This affects only developers who rely on createdWith for access control; the vulnerability is fixed in 4.5.1. The recommended workar...
BuddyPress < 9.1.1 - Activation Key Disclosure
The plugin disclosed the activation key from responses of the createitem method in the BP REST API Signup controller...
CVE-2021-32829
ZStack is open source IaaS (infrastructure as a service) software aiming to automate datacenters, managing resources of compute, storage, and networking all by APIs. Affected versions of ZStack REST API are vulnerable to post-authentication Remote Code Execution (RCE) via bypass of the Groovy shell...
CVE-2021-32829 Post-authentication Remote Code Execution (RCE) in ZStack REST API
ZStack is open source IaaS (infrastructure as a service) software aiming to automate datacenters, managing resources of compute, storage, and networking all by APIs. Affected versions of ZStack REST API are vulnerable to post-authentication Remote Code Execution (RCE) via bypass of the Groovy shell...
PT-2021-19960 · Zstack · Z-Stack
Name of the Vulnerable Software and Affected Versions: ZStack versions prior to 3.8.21; ZStack versions prior to 3.10.8; ZStack versions prior to 4.1.0. Description: ZStack is open source IaaS software aiming to automate datacenters, managing resources of compute, storage, and networking all by APIs...
WordPress SEOPress, on-site SEO plugin 5.0.0 – 5.0.3 - Stored Cross-Site Scripting (XSS) vulnerability via REST-API
Stored Cross-Site Scripting (XSS) vulnerability via REST-API discovered by Chloe Chamberland (WordFence) in WordPress SEOPress, on-site SEO plugin versions 5.0.0 – 5.0.3. Solution: Update the WordPress SEOPress, on-site SEO plugin to the latest available version (at least 5.0.4)...
SEOPress 5.0.0 – 5.0.3 - Authenticated Stored Cross-Site Scripting
The plugin is vulnerable to Stored Cross-Site-Scripting via the processPut function found in the /src/Actions/Api/TitleDescriptionMeta.php file which allows authenticated attackers to inject arbitrary web scripts. PoC $wpuser, 'pwd' = $wppass, 'rememberme' = 'forever', 'wp-submit' = 'Log+In', ;...
SEOPress 5.0.0 – 5.0.3 - Authenticated Stored Cross-Site Scripting
The plugin is vulnerable to Stored Cross-Site-Scripting via the processPut function found in the /src/Actions/Api/TitleDescriptionMeta.php file which allows authenticated attackers to inject arbitrary web scripts. $wpuser, 'pwd' = $wppass, 'rememberme' = 'forever', 'wp-submit' = 'Log+In', ; $outp...
Cisco Firepower Device Manager On-Box Software RCE (cisco-sa-fdm-rce-Rx6vVurq)
According to its self-reported version, Cisco Firepower Device Manager (FDM) On-Box software is affected by a vulnerability in the REST API that allows an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device. This vulnerability is due to...
CVE-2021-38095
The REST API in Planview Spigit 4.5.3 allows remote unauthenticated attackers to query sensitive user accounts data, as demonstrated by an api/v1/users/1 request...
Cross site request forgery (csrf)
The REST API in Planview Spigit 4.5.3 allows remote unauthenticated attackers to query sensitive user accounts data, as demonstrated by an api/v1/users/1 request...
CVE-2021-38095
The CVE-2021-38095 entry affects Planview Spigit 4.5.3, where the REST API allows remote unauthenticated attackers to query sensitive user account data via api/v1/users/1. This is an unauthenticated access vulnerability exposing user data (high impact per CVSS 3.1). The Connected documents confir...
CVE-2021-34707
A vulnerability in the REST API of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to access sensitive data on an affected system. This vulnerability exists because the application does not sufficiently protect sensitive data when responding to an API...