229 matches found
CVE-2023-52083 Stored XSS through privileged upload of Media Manager file followed by renaming
Winter is a free, open-source content management system. Prior to 1.2.4, users with the media.managemedia permission can upload files to the Media Manager and rename them after uploading. Previously, media manager files were only sanitized on upload, not on renaming, which could have allowed a...
CVE-2023-52083
CVE-2023-52083 affects Winter CMS. Before 1.2.4, users with the media.manage_media permission could upload files to the Media Manager and rename them after upload, with sanitization only on upload (not on rename), allowing a stored XSS vulnerability. The issue has been patched in v1.2.4.
CVE-2023-52083 Stored XSS through privileged upload of Media Manager file followed by renaming
Winter is a free, open-source content management system. Prior to 1.2.4, users with the media.managemedia permission can upload files to the Media Manager and rename them after uploading. Previously, media manager files were only sanitized on upload, not on renaming, which could have allowed a...
PT-2023-31916 · Unknown · Winter Cms
Name of the Vulnerable Software and Affected Versions: Winter CMS versions prior to 1.2.4 Description: The issue affects users with access to backend forms that include a ColorPicker FormWidget, allowing them to provide a value that would then be rendered unescaped in the backend form, potentiall...
Winter Cross-Site Scripting Vulnerability
Winter is a free, open source, self-hosted CMS platform based on the Laravel PHP framework. A cross-site scripting vulnerability exists in Winter versions prior to 1.2.4, which stems from the presence of a stored cross-site scripting XSS vulnerability...
Winter Cross-Site Scripting Vulnerability
Winter is a free, open source, self-hosted CMS platform based on the Laravel PHP framework. A cross-site scripting vulnerability exists in Winter versions prior to 1.2.4, which stems from the presence of a stored cross-site scripting XSS vulnerability...
PT-2023-31917 · Unknown · Winter Cms
Name of the Vulnerable Software and Affected Versions: Winter CMS versions prior to 1.2.4 Description: The issue concerns a Local File Inclusion vulnerability in Winter CMS, a free, open-source content management system. Users with access to backend forms that include a ColorPicker FormWidget can...
Winter CMS 1.2.2 Server-Side Template Injection
Exploit Title: Winter CMS 1.2.2 / 1.2.3 - Server-Side Template Injection SSTI Authenticated Exploit Author: tmrswrr Date: 12/05/2023 Vendor: https://wintercms.com/ Software Link: https://github.com/wintercms/winter/releases/v1.2.2 Vulnerable Versions: 1.2.2 / 1.2.3 Tested :...
Winter CMS 1.2.2 / 1.2.3 Server-Side Template Injection Vulnerability
Exploit Title: Winter CMS 1.2.2 / 1.2.3 - Server-Side Template Injection SSTI Authenticated Exploit Author: tmrswrr Date: 12/05/2023 Vendor: https://wintercms.com/ Software Link: https://github.com/wintercms/winter/releases/v1.2.2 Vulnerable Versions: 1.2.2 / 1.2.3 Tested :...
Winter CMS 1.2.2 Server-Side Template Injection
Exploit Title: Winter CMS 1.2.2 - Server-Side Template Injection SSTI Authenticated Exploit Author: tmrswrr Date: 12/05/2023 Vendor: https://wintercms.com/ Software Link: https://github.com/wintercms/winter/releases/v1.2.2 Vulnerable Versions: 1.2.2 Tested :...
Attacks, Vulnerabilities and Actors 23 October to 29 October 2023
For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of seven executed attacks, two instances of adversary activity, and three exploited...
Winter Vivern Capitalizes on Zero-Day Flaw in Roundcube
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Winter Vivern cyberespionage group has been actively exploiting a zero-day vulnerability in the Roundcube webmail. The identified vulnerability, CVE-2023-5631, permits stored cross-site scripting...
Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software
The threat actor known as Winter Vivern has been observed exploiting a zero-day flaw in Roundcube webmail software on October 11, 2023, to harvest email messages from victims' accounts. "Winter Vivern has stepped up its operations by using a zero-day vulnerability in Roundcube," ESET security...
APT Winter Vivern Exploits New Roundcube 0-Day to Target European Entities
By Waqas ESET Research Uncovers New Targeted Campaign Impacting European Governments and Think Tanks. This is a post from HackRead.com Read the original post: APT Winter Vivern Exploits New Roundcube 0-Day to Target European Entities...
Researchers Uncover Years-Long Cyber Espionage on Foreign Embassies in Belarus
A hitherto undocumented threat actor operating for nearly a decade and codenamed MoustachedBouncer has been attributed to cyber espionage attacks aimed at foreign embassies in Belarus. "Since 2020, MoustachedBouncer has most likely been able to perform adversary-in-the-middle AitM attacks at the...
Cross-Site Scripting (XSS)
wintercms/winter and winter/storm are vulnerable to Cross-Site Scripting XSS attacks. The library does not properly escape user input, which allows an attacker with backend.managebranding permissions to upload SVGs as the application logo and execute malicious javascript on victim's browser...
CVE-2023-37269
Winter is a free, open-source content management system CMS based on the Laravel PHP framework. Users with the backend.managebranding permission can upload SVGs as the application logo. Prior to version 1.2.3, SVG uploads were not sanitized, which could have allowed a stored cross-site scripting...
Cross site scripting
Winter is a free, open-source content management system CMS based on the Laravel PHP framework. Users with the backend.managebranding permission can upload SVGs as the application logo. Prior to version 1.2.3, SVG uploads were not sanitized, which could have allowed a stored cross-site scripting...
GHSA-WJW2-4J7J-6GC3 Winter CMS stored XSS through privileged upload of SVG file
Impact Users with the backend.managebranding permission can upload SVGs as the application logo. Previously, SVG uploads were not sanitized, which could have allowed a stored XSS attack. Although this was a security issue, it's important to note that its severity is low. To exploit the...
Winter CMS stored XSS through privileged upload of SVG file
Impact Users with the backend.managebranding permission can upload SVGs as the application logo. Previously, SVG uploads were not sanitized, which could have allowed a stored XSS attack. Although this was a security issue, it's important to note that its severity is low. To exploit the...