168 matches found
CVE-2024-29891 ZITADEL Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass
ZITADEL users can upload their own avatar image and various image types are allowed. Due to a missing check, an attacker could upload HTML and pretend it is an image to gain access to the victim's account in certain scenarios. A possible victim would need to directly open the supposed image in th...
CVE-2022-34311
IBM CICS TX Standard and Advanced 11.1 could allow a user with physical access to the web browser to gain access to the user's session due to insufficiently protected credentials. IBM X-Force ID: 229446...
IBM CICS TX Standard Security Vulnerability
IBM CICS TX Standard and Advanced is a comprehensive, single transaction runtime package from International Business Machines IBM, Inc. It can provide a cloud-native deployment model for standalone applications. A security vulnerability exists in IBM CICS TX Standard that stems from insufficient...
Xantech WIC1200 Cross-Site Scripting Vulnerability
The Xantech WIC1200 is a Web Intelligent Controller from Xantech. A cross-site scripting vulnerability exists in the Xantech WIC1200 version 1.1, which originates from the fact that an authenticated user can store a malicious JavaScript load in the device model parameter via...
Design/Logic Flaw
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. In Nextcloud Server prior to versions 26.0.9 and 27.1.4; as well as Nextcloud Enterprise Server prior to versions 23.0.12.13, 24.0.12.9, 25.0.13.4, 26.0.9, and 27.1.4; when an attacker manages to get access to an...
CVE-2023-6144
Dev blog v1.0 allows to exploit an account takeover through the "user" cookie. With this, an attacker can access any user's session just by knowing their username...
Design/Logic Flaw
Dev blog v1.0 allows to exploit an account takeover through the "user" cookie. With this, an attacker can access any user's session just by knowing their username...
CVE-2023-6144 Dev Blog v1.0 - ATO
Dev blog v1.0 allows to exploit an account takeover through the "user" cookie. With this, an attacker can access any user's session just by knowing their username...
DevBlog 安全漏洞
DevBlog is a blogging project developed using Node.js Express and MongoDB by Arman Idrisi, an individual developer. A security bypass vulnerability exists in DevBlog v1.0, which can be exploited by an attacker to access any user's session...
The vulnerability of the Jenkins Fortify Plugin, related to authentication errors, allows a hacker to gain access to another user’s session.
The vulnerability of the Jenkins Fortify Plugin is related to authentication errors. Exploiting this vulnerability can allow a malicious actor to gain access to another user’s session...
CVE-2023-24477
In certain conditions, depending on timing and the usage of the Chrome web browser, Guardian/CMC versions before 22.6.2 do not always completely invalidate the user session upon logout. Thus an authenticated local attacker may gain acces to the original user's session...
PT-2023-26959 · Mcafee · Epo
Name of the Vulnerable Software and Affected Versions: ePO versions prior to 5.10 SP1 Update 1 Description: A reflected cross-site scripting XSS vulnerability allows a remote unauthenticated attacker to potentially obtain access to an ePO administrator's session by convincing the authenticated eP...
CVE-2023-24486
A vulnerability has been identified in Citrix Workspace app for Linux that, if exploited, may result in a malicious local user being able to gain access to the Citrix Virtual Apps and Desktops session of another user who is using the same computer from which the ICA session is launched...
PT-2023-4082 · Citrix · Citrix Workspace App For Linux
Name of the Vulnerable Software and Affected Versions: Citrix Workspace App for Linux affected versions not specified Description: A vulnerability in Citrix Workspace App for Linux is related to inadequate access control. Exploitation of this issue may allow a malicious local user to gain access ...
New EX-22 Tool Empowers Hackers with Stealthy Ransomware Attacks on Enterprises
A new post-exploitation framework called EXFILTRATOR-22 aka EX-22 has emerged in the wild with the goal of deploying ransomware within enterprise networks while flying under the radar. "It comes with a wide range of capabilities, making post-exploitation a cakewalk for anyone purchasing the tool,...
OpenNMS Meridian and Horizon vulnerable to Cross-site Scripting
Multiple stored and reflected cross-site scripting vulnerabilities in webapp jsp pages in multiple versions of OpenNMS Meridian and Horizon could allow an attacker access to confidential session information...
SUSE CVE-2006-1335
gnome screensaver before 2.14, when running on an X server with AllowDeactivateGrabs and AllowClosedownGrabs enabled, allows attackers with physical access to cause the screensaver to crash and access the session via the Ctl+Alt+Keypad-Multiply keyboard sequence, which removes the grab from gnome...
SUSE CVE-2013-2190
The translatehierarchyevent function in x11/clutter-device-manager-xi2.c in Clutter, when resuming the system, does not properly handle XIQueryDevice errors when a device has "disappeared," which causes the gnome-shell to crash and allows physically proximate attackers to access the previous...
SUSE CVE-2019-3825
A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer to expire, at which time they would gain access to the logged-in user's session...
CVE-2022-23498 When query caching is enabled in Grafana users can query another users session
Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including grafanasession. As a result, any user that queries a datasource where the caching is enabled can acquire another user’s session. To mitigate the...