CVE-2024-38379 – Apache Allura: Stored authenticated XSS
https://notcve.org/view.php?id=CVE-2024-38379
Apache Allura's neighborhood settings are vulnerable to a stored XSS attack. Only neighborhood admins can access these settings, so the scope of risk is limited to configurations where neighborhood admins are not fully trusted. This issue affects Apache Allura: from 1.4.0 through 1.17.0. Users are recommended to upgrade to version 1.17.1, which fixes the issue. La configuración del vecindario de Apache Allura es vulnerable a un ataque XSS almacenado. Solo los administradores de vecindario pueden acceder a estas configuraciones, por lo que el alcance del riesgo se limita a configuraciones en las que no se confía plenamente en los administradores de vecindario. Este problema afecta a Apache Allura: desde 1.4.0 hasta 1.17.0. • https://lists.apache.org/thread/2lb6vp00sj2b2snpmhff5lyortxjsnrp • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-36471 – Apache Allura: sensitive information exposure via DNS rebinding
https://notcve.org/view.php?id=CVE-2024-36471
Import functionality is vulnerable to DNS rebinding attacks between verification and processing of the URL. Project administrators can run these imports, which could cause Allura to read from internal services and expose them. This issue affects Apache Allura from 1.0.1 through 1.16.0. Users are recommended to upgrade to version 1.17.0, which fixes the issue. If you are unable to upgrade, set "disable_entry_points.allura.importers = forge-tracker, forge-discussion" in your .ini config file. La funcionalidad de importación es vulnerable a ataques de revinculación de DNS entre la verificación y el procesamiento de la URL. Los administradores de proyectos pueden ejecutar estas importaciones, lo que podría hacer que Allura lea servicios internos y los exponga. • https://lists.apache.org/thread/g43164t4bcp0tjwt4opxyks4svm8kvbh • CWE-20: Improper Input Validation CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-918: Server-Side Request Forgery (SSRF) •