Vulnerabilities tagged 'web'

VMware Authentication Bypass Vulnerability [CVE-2022-22972]

web

Honestly, this is a bit of a crazy issue to see, during Login, if the LocalPasswordAuthAdapter gets used, it will attempt to validate the login credentials with whatever host is in the Host header, an attacker can often control this header completely. And so by pointing the header to a domain the attacker controls they can setup a server that will respond with an HTTP 200 to the authentication request allowing the attacker to login.

 

[GitLab] Stored XSS in Notes (with CSP bypass)

It seems that the syntax highlighting filter will read the data-sourcepos attribute rather permissively including newlines and angle brackets. This value gets reflected back out into the page where the browser will end up interpreting as HTML some of the text the backend throught was in the attribute.

 

[Glovo] Integer overflow vulnerability

Funny bug in Glovo, which is a delivery platform for taking orders and dispatching deliveries.The bug is an integer overflow in the quantity parameter of the POST request for the order, which can affect the total price of the order…

 

rubygems CVE-2022-29176 explained

web

Interesting but fairly simple vuln in rubygems.It’s a design flaw or logic bug in the way versioning works when yanking a gem…

 
1
2
3
4
5
6
7