CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0423 – WordPress Amazon S3 Plugin < 1.6 - Reflected XSS
https://notcve.org/view.php?id=CVE-2023-0423
The WordPress Amazon S3 Plugin WordPress plugin before 1.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin The "WordPress Amazon S3 Plugin" plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘msg’ parameter in versions up to, and including, 1.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://wpscan.com/vulnerability/73d588d7-26ae-42e2-8282-aa02bcb109b6 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-25806 – Time discrepancy in authentication responses in OpenSearch
https://notcve.org/view.php?id=CVE-2023-25806
OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization. There is an observable discrepancy in the authentication response time between calls where the user provided exists and calls where it does not. This issue only affects calls using the internal basic identity provider (IdP), and not other externally configured IdPs. Patches were released in versions 1.3.9 and 2.6.0, there are no workarounds. • https://github.com/opensearch-project/security/security/advisories/GHSA-c6wg-cm5x-rqvj • CWE-203: Observable Discrepancy CWE-208: Observable Timing Discrepancy •
CVSS: 5.7EPSS: 0%CPEs: 2EXPL: 0CVE-2023-23933 – Issue in Anomaly Detection with document and field level rules in numerical feature aggregations
https://notcve.org/view.php?id=CVE-2023-23933
OpenSearch Anomaly Detection identifies atypical data and receives automatic notifications. There is an issue with the application of document and field level restrictions in the Anomaly Detection plugin, where users with the Anomaly Detector role can read aggregated numerical data (e.g. averages, sums) of fields that are otherwise restricted to them. This issue only affects authenticated users who were previously granted read access to the indexes containing the restricted fields. This issue has been patched in versions 1.3.8 and 2.6.0. There are no known workarounds for this issue. • https://github.com/opensearch-project/anomaly-detection/security/advisories/GHSA-47qw-jwpx-pp4c • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-23612 – Issue with whitespace in JWT roles in OpenSearch
https://notcve.org/view.php?id=CVE-2023-23612
OpenSearch is an open source distributed and RESTful search engine. OpenSearch uses JWTs to store role claims obtained from the Identity Provider (IdP) when the authentication backend is SAML or OpenID Connect. There is an issue in how those claims are processed from the JWTs where the leading and trailing whitespace is trimmed, allowing users to potentially claim roles they are not assigned to if any role matches the whitespace-stripped version of the roles they are a member of. This issue is only present for authenticated users, and it requires either the existence of roles that match, not considering leading/trailing whitespace, or the ability for users to create said matching roles. In addition, the Identity Provider must allow leading and trailing spaces in role names. • https://github.com/opensearch-project/OpenSearch/releases/tag/2.5.0 https://github.com/opensearch-project/security/security/advisories/GHSA-864v-6qj7-62qj • CWE-287: Improper Authentication •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-23613 – Field-level security issue with .keyword fields in OpenSearch
https://notcve.org/view.php?id=CVE-2023-23613
OpenSearch is an open source distributed and RESTful search engine. In affected versions there is an issue in the implementation of field-level security (FLS) and field masking where rules written to explicitly exclude fields are not correctly applied for certain queries that rely on their auto-generated .keyword fields. This issue is only present for authenticated users with read access to the indexes containing the restricted fields. This may expose data which may otherwise not be accessible to the user. OpenSearch 1.0.0-1.3.7 and 2.0.0-2.4.1 are affected. • https://github.com/opensearch-project/OpenSearch/releases/tag/2.5.0 https://github.com/opensearch-project/security/security/advisories/GHSA-v3cg-7r9h-r2g6 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •