CVE-2023-30951 – CVE-2023-30951
https://notcve.org/view.php?id=CVE-2023-30951
The Foundry Magritte plugin rest-source was found to be vulnerable to an XML External Entity (XXE) attack. • https://palantir.safebase.us/?tcuUid=fe021f28-9e25-42c4-acd8-772cd8006ced • CWE-611: Improper Restriction of XML External Entity Reference •
CVE-2023-30949 – CVE-2023-30949
https://notcve.org/view.php?id=CVE-2023-30949
A missing origin validation in Slate sandbox could be exploited by a malicious user to modify the page's content, which could lead to phishing attacks. • https://palantir.safebase.us/?tcuUid=bbc1772c-e10a-45cc-b89f-48cc1a8b2cfc • CWE-346: Origin Validation Error • CWE-1173: Improper Use of Validation Framework •
CVE-2023-30956 – IDOR in Foundry Comments allows retrieval of attachments
https://notcve.org/view.php?id=CVE-2023-30956
A security defect was identified in Foundry Comments that enabled a user to discover the contents of an attachment submitted to another comment if they knew the internal UUID of the target attachment. This defect was resolved with the release of Foundry Comments 2.267.0. • https://palantir.safebase.us/?tcuUid=40367943-738c-4e69-b852-4a503c77478a • CWE-639: Authorization Bypass Through User-Controlled Key •
CVE-2023-30960 – Insecure Direct Object Reference (IDOR) in Foundry job-tracker
https://notcve.org/view.php?id=CVE-2023-30960
A security defect was discovered in Foundry job-tracker that enabled users to query metadata related to builds on resources they did not have access to. This defect was resolved with the release of job-tracker 4.645.0. The service was rolled out to all affected Foundry instances. No further intervention is required. • https://palantir.safebase.us/?tcuUid=115d9bf4-201f-4cfe-b2fc-219e3a2d945b • CWE-639: Authorization Bypass Through User-Controlled Key • CWE-668: Exposure of Resource to Wrong Sphere •
CVE-2023-30963 – Stored XSS in Foundry Slate Query Dropdown menu
https://notcve.org/view.php?id=CVE-2023-30963
A security defect was discovered in Foundry Frontend which enabled users to perform Stored XSS attacks in Slate if Foundry's CSP were to be bypassed. This defect was resolved with the release of Foundry Frontend 6.229.0. The service was rolled out to all affected Foundry instances. No further intervention is required. • https://palantir.safebase.us/?tcuUid=3c6b63b7-fb67-4202-a94a-9c83515efb8a • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') • CWE-82: Improper Neutralization of Script in Attributes of IMG Tags in a Web Page •