33 matches found
MAL-2024-10256 Malicious code in visma-connect-bv (npm)
Source: ghsa-malware 005faae12170fc7458fde90c1e389106818e875219f93719065488d5f10ff95a. Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
visma.ua Cross Site Scripting vulnerability OBB-1484188
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
demo.visma.ua Cross Site Scripting vulnerability OBB-1484189
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
Visma Public: Bypassing Business ID/VAT # validation during registration to create accounts with duplicate Business ID/VAT #
The security researcher was able to bypass the Business ID/VAT validation that is required during registration. By doing this he was able to create accounts with duplicate Business ID/VAT...
Visma Public: Information disclosure to "Permission as auditor" user
Inside the same company, the researcher was able to view information that he was not supposed to see with the Auditor role associated with the user...
Visma Public: HTTP Request Smuggling at app.workbox.dk
The researcher was able to find an HTTP request smuggling (CL.TE) vulnerability at app.workbox.dk. The likely consequences would have resulted in interfering with normal user traffic, leaking session cookies, leaking PII info...
Visma Public: A sales only user can edit the purchase invoice drafts.
The researcher has found a missing authorization issue: a sales only user could edit the purchase invoice drafts that he shouldn't...
Visma Public: Reverse Tabnabbing in printing source document images
The security researcher was able to find a Reverse Tabnabbing bug in the printing source document images functionality. This bug allows the current web page in the user's browser to be replaced with a phishing one, facilitating phishing attacks...
Visma Public: SXSS using unsanitized `customer no` in eaccountingprinting.stage.vismaonline.com
The researcher found that the customer no field in the customer profile is not properly sanitized, enabling HTML/JS code injection and causing a Stored XSS...
Visma Public: [CSRF] While Closing and opening Fiscal year.
The reporter has found that the CSRF token is not checked when using the Open/Close functionality of the Fiscal year...
Visma Public: Ability to delete projects from Archived companies (Read only version)
The researcher discovered that Projects can be deleted from Archived companies which have "read only version". It was assessed as Low impact...
Visma Public: Read-only user can access payroll information without having access to payroll.
The researcher found that a read-only user without access to payroll can still access all the data in the payroll tab by visiting the URL directly, thus resulting in unauthorized access...
Visma Bug Bounty Program: SSRF in img export
The researcher has found an SSRF vulnerability in the application's image export functionality. The app would take all the HTML as input and generate an image based on that. By manipulating the HTML code and adding a tag with a src attribute, it was possible to trigger an SSRF...
Visma Public: Access control on https://eaccounting.stage.vismaonline.com/
The researcher was able to find an access control issue in the application by checking if the permissions are correctly replicated in the active sessions for the user...
Visma Bug Bounty Program: [IDOR] Ability to Pause & Resume the Invoice of other users If GUID is known.
An Insecure Direct Object Reference (IDOR) vulnerability was discovered via a certain endpoint: the application exposes a reference to an internal implementation object. It reveals the real identifier and the format/pattern used for the element on the storage backend side...
Visma Public: Open Redirection In connect.identity.stagaws.visma.com
The researcher found an open redirection in one of the parameters. This can be used to lure a user to a fake website asking for credentials and trick the user into giving out their credentials...
Visma Public: Able to continue user creation process after deleting the HTML element that shows the message that the session is closed
Summary: Able to continue the user creation process and successfully submit the user creation form after deleting the HTML element that shows the message that the session is closed after signing out in a different tab of the same browser. Steps To Reproduce: 1. Log in to...
Visma Public: [IDOR] Ability to edit Description of api_key's of other users.
The researcher was able to change the description associated with API keys of other users on the /api/orgID/apiKey endpoint by modifying the id of the API key in the request...
Visma Public: HTML-injection in PDF-export leads to LFI
The researcher was able to extract the contents of files using the PDF generator in "Yearly Financial Statements". This was done by adding an IFRAME tag inside the company name. Once rendered in Yearly Financial Statements, it included the file the IFRAME was pointing to. In this POC it was /etc/passw...