34 matches found
EUVD-2018-2306
Malware in sbrugna...
EUVD-2018-2307
Malware in sbrugna...
EUVD-2017-16305
Malware in sbrugna...
EUVD-2023-38963
Malicious code in bioql PyPI...
CVE-2023-34923
XML Signature Wrapping XSW in SAML-based Single Sign-on feature in TOPdesk v12.10.12 allows bad actors with credentials to authenticate with the Identity Provider IP to impersonate any TOPdesk user via SAML Response manipulation...
Vulnerability fixed in TOPdesk
TOPdesk has fixed a vulnerability in TOPdesk Self-service and TOPdesk Operator. A malicious party with a valid account can exploit the exploit the vulnerability to impersonate any other user and thus gain access to and manipulate their data. manipulate. The vulnerability lies in the way SAML Sing...
CVE-2023-34923
XML Signature Wrapping XSW in SAML-based Single Sign-on feature in TOPdesk v12.10.12 allows bad actors with credentials to authenticate with the Identity Provider IP to impersonate any TOPdesk user via SAML Response manipulation...
CVE-2023-34923
XML Signature Wrapping XSW in SAML-based Single Sign-on feature in TOPdesk v12.10.12 allows bad actors with credentials to authenticate with the Identity Provider IP to impersonate any TOPdesk user via SAML Response manipulation...
CVE-2023-34923
XML Signature Wrapping XSW in SAML-based Single Sign-on feature in TOPdesk v12.10.12 allows bad actors with credentials to authenticate with the Identity Provider IP to impersonate any TOPdesk user via SAML Response manipulation...
Code injection
XML Signature Wrapping XSW in SAML-based Single Sign-on feature in TOPdesk v12.10.12 allows bad actors with credentials to authenticate with the Identity Provider IP to impersonate any TOPdesk user via SAML Response manipulation...
PT-2023-25053 · Topdesk · Topdesk
Name of the Vulnerable Software and Affected Versions: TOPdesk version 12.10.12 Description: The issue allows bad actors with credentials to authenticate with the Identity Provider to impersonate any TOPdesk user via SAML Response manipulation. This is due to XML Signature Wrapping XSW in the...
CVE-2023-34923
TOPdesk CVE-2023-34923 involves XML Signature Wrapping (XSW) in the SAML-based SSO of TOPdesk v12.10.12. The vulnerability affects the SAML Response handling and, per the description, allows attackers with valid credentials to authenticate with the Identity Provider and impersonate any TOPdesk us...
CVE-2023-34923
XML Signature Wrapping XSW in SAML-based Single Sign-on feature in TOPdesk v12.10.12 allows bad actors with credentials to authenticate with the Identity Provider IP to impersonate any TOPdesk user via SAML Response manipulation...
TOPdesk 安全漏洞
TOPdesk is a comprehensive terminal management software product from TOPdesk, Inc. A security vulnerability exists in TOPdesk version v12.10.12, which originates from an XML Signature Wrapper XSW in the SAML-based Single Sign-On functionality, that allows an attacker to impersonate any TOPdesk us...
CVE-2023-34923
XML Signature Wrapping XSW in SAML-based Single Sign-on feature in TOPdesk v12.10.12 allows bad actors with credentials to authenticate with the Identity Provider IP to impersonate any TOPdesk user via SAML Response manipulation...
TOPdesk Cross-Site Scripting Vulnerability
TOPdesk is a terminal management system from the Dutch company TOPdesk. The system enables the management and maintenance of desktop systems through behavioral monitoring, system monitoring and security status detection. A cross-site scripting vulnerability exists in TOPdesk versions prior to...
TOPdesk Cross-Site Request Forgery Vulnerability
TOPdesk is a terminal management system from the Dutch company TOPdesk. The system enables the management and maintenance of desktop systems through behavioral monitoring, system monitoring and security status detection. A cross-site request forgery vulnerability exists in TOPdesk versions prior ...
CVE-2018-10232
Cross-site request forgery CSRF vulnerability in TOPdesk before 8.05.017 June 2018 version and before 5.7.SR9 allows remote attackers to hijack the authentication of authenticated users for requests that can obtain sensitive information via unspecified vectors...
CVE-2018-10231
Cross-site scripting XSS vulnerability in TOPdesk before 8.05.017 June 2018 version and before 5.7.SR9 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in TOPdesk before 8.05.017 June 2018 version and before 5.7.SR9 allows remote attackers to hijack the authentication of authenticated users for requests that can obtain sensitive information via unspecified vectors...