7 matches found
CVE-2022-34267
Summary: RWS WorldServer before 11.7.3 contains an authentication bypass. By adding a token parameter with value 02, an attacker can bypass all auth requirements and upload/execute arbitrary Java code via a .jar archive at the ws-api/v2/customizations/api endpoint. Impact: unauthenticated code ex...
CVE-2023-38357
CVE-2023-38357 affects RWS WorldServer up to version 11.7.3, where session tokens have low entropy and can be enumerated, potentially granting unauthorized access to user sessions. Affected component is the session handling/token generation. The exploitation involves token enumeration leading to ...
CVE-2024-50849
The CVE-2024-50849 entry concerns WorldServer v11.8.2 where a Stored Cross-Site Scripting (XSS) vulnerability exists in the Rules functionality. The issue allows a remote authenticated attacker to execute arbitrary JavaScript code. Several connected sources corroborate the affected product/versio...
CVE-2024-50848
CVE-2024-50848 : Multiple sources confirm an XML External Entity (XXE) vulnerability in the WorldServer v11.8.2 Import object and Translation Memory import features, exploitable by supplying a crafted .tmx file. Affected component: WorldServer 11.8.2; root cause: XXE allowing access to sensitive ...
CVE-2022-34268
CVE-2022-34268 : RWS WorldServer prior to 11.7.3 contains an insecure deserialization flaw in the /clientLogin endpoint, allowing deserialized Java objects without authentication and resulting in command execution on the host. Affected products/versions: RWS WorldServer before 11.7.3. Impact: hig...
CVE-2022-34270
CVE-2022-34270 affects RWS WorldServer prior to 11.7.3. The issue allows a regular user to create other users with the Administrator role via UserWSUserManager, enabling unauthorized privilege escalation. Impact is documented as administrator-level access for an attacker with standard credentials...
CVE-2022-34269
CVE-2022-34269 affects RWS WorldServer versions prior to 11.7.3. An authenticated, remote attacker can trigger a blind SSRF via the endpoint ws-legacy/load_dtd?system_id=, causing JSP code deployment to the Apache Axis service on localhost and resulting in command execution. Documented impact is ...