CVE-2023-40313 – Disable BeanShell Interpreter Remote Server Mode
https://notcve.org/view.php?id=CVE-2023-40313
A BeanShell interpreter in remote server mode runs in OpenMNS Horizon versions earlier than 32.0.2 and in related Meridian versions which could allow arbitrary remote Java code execution. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. Un intérprete de BeanShell en modo servidor remoto se ejecuta en versiones de OpenNMS Horizon anteriores a 32.0.2 y en versiones de Meridian relacionadas, lo que podría permitir la ejecución remota arbitraria de código Java. La solución es actualizar a Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 u Horizon 32.0.2 o posterior. • https://docs.opennms.com/horizon/32/releasenotes/changelog.html https://github.com/OpenNMS/opennms/pull/6368 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2023-37914 – Privilege escalation (PR)/RCE from account through Invitation subject/message
https://notcve.org/view.php?id=CVE-2023-37914
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user who can view `Invitation.WebHome` can execute arbitrary script macros including Groovy and Python macros that allow remote code execution including unrestricted read and write access to all wiki contents. This vulnerability has been patched on XWiki 14.4.8, 15.2-rc-1, and 14.10.6. Users are advised to upgrade. Users unable to upgrade may manually apply the patch on `Invitation.InvitationCommon` and `Invitation.InvitationConfig`, but there are otherwise no known workarounds for this vulnerability. • https://github.com/xwiki/xwiki-platform/commit/ff1d8a1790c6ee534c6a4478360a06efeb2d3591 https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-7954-6m9q-gpvf https://jira.xwiki.org/browse/XWIKI-20421 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2023-40252
https://notcve.org/view.php?id=CVE-2023-40252
Improper Control of Generation of Code ('Code Injection') vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Replace Trusted Executable.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15. • https://docs.genians.com/nac/5.0/release/ko/advisories/GN-SA-2023-001.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2023-40557 – WordPress Tabs & Accordion plugin <= 1.3.10 - Content Injection vulnerability
https://notcve.org/view.php?id=CVE-2023-40557
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in PickPlugins Tabs & Accordion allows Code Injection.This issue affects Tabs & Accordion: from n/a through 1.3.10. La neutralización inadecuada de etiquetas HTML relacionadas con scripts en una vulnerabilidad de página web (XSS básico) en PickPlugins Tabs & Accordion permite la inyección de código. Este problema afecta a Tabs & Accordion: desde n/a hasta 1.3.10. The Tabs & Accordion plugin for WordPress is vulnerable to Arbitrary Content Injection in versions up to, and including, 1.3.10. The cause of this vulnerability is undisclosed at this time. • https://patchstack.com/database/vulnerability/tabs/wordpress-tabs-accordion-plugin-1-3-8-content-injection-vulnerability?_s_id=cve • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVE-2023-3169 – tagDiv Composer < 4.2 - Unauthenticated Stored XSS
https://notcve.org/view.php?id=CVE-2023-3169
The tagDiv Composer WordPress plugin before 4.2, used as a companion by the Newspaper and Newsmag themes from tagDiv, does not have authorisation in a REST route and does not validate as well as escape some parameters when outputting them back, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks. El complemento de WordPress tagDiv Composer anterior a 4.2, utilizado como complemento de los temas Newspaper y Newsmag de tagDiv, no tiene autorización en una ruta REST y no valida ni escapa algunos parámetros al devolverlos, lo que podría permitir a usuarios no autenticados realizar ataques de Cross-Site Scripting almacenado. The tagDiv Composer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via settings set through a REST route in versions up to, and including, 4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This was partially patched in 4.1 and fully patched with sanitization in 4.2. • https://wpscan.com/vulnerability/e6d8216d-ace4-48ba-afca-74da0dc5abb5 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •