Cookie Consent by Free Privacy Policy Generator ๐Ÿ“Œ CVE-2023-39345 | Strapi/plugin-users-permissions prior 4.13.1 User Registration API access control (GHSA-gc7p-j5xm-xxh2)
Team IT Security Nachrichtenportal Logo

๐Ÿ  Team IT Security News

TSecurity.de ist eine Online-Plattform, die sich auf die Bereitstellung von Informationen,alle 15 Minuten neuste Nachrichten, Bildungsressourcen und Dienstleistungen rund um das Thema IT-Sicherheit spezialisiert hat.
Ob es sich um aktuelle Nachrichten, Fachartikel, Blogbeitrรคge, Webinare, Tutorials, oder Tipps & Tricks handelt, TSecurity.de bietet seinen Nutzern einen umfassenden รœberblick รผber die wichtigsten Aspekte der IT-Sicherheit in einer sich stรคndig verรคndernden digitalen Welt.

16.12.2023 - TIP: Wer den Cookie Consent Banner akzeptiert, kann z.B. von Englisch nach Deutsch รผbersetzen, erst Englisch auswรคhlen dann wieder Deutsch!

Google Android Playstore Download Button fรผr Team IT Security
RSS Feed Symbol fรผr Team IT Security 800+ IT News als RSS Feed abonnieren



๐Ÿ“š CVE-2023-39345 | Strapi/plugin-users-permissions prior 4.13.1 User Registration API access control (GHSA-gc7p-j5xm-xxh2)


๐Ÿ’ก Newskategorie: Sicherheitslรผcken
๐Ÿ”— Quelle: vuldb.com

A vulnerability classified as critical was found in Strapi and plugin-users-permissions. Affected by this vulnerability is an unknown functionality of the component User Registration API. The manipulation leads to improper access controls. This vulnerability is known as CVE-2023-39345. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component. ...



Sharing is caring on Social Media

๐Ÿ”— Reddit
๐Ÿ”— Telegram
๐Ÿ”— LinkedIn
๐Ÿ”— Xing
๐Ÿ”— Twitter
๐Ÿ”— Whatsapp
๐Ÿ”— Facebook
๐Ÿ”— Flipboard

Join the Team IT Security Community

๐Ÿ”— "IT Sicherheit" Reddit-Gruppe
๐Ÿ”— "IT Sicherheit" Telegramm-Seite

๐Ÿ“Œ Low CVE-2020-8123: Strapi Strapi


๐Ÿ“ˆ 43.32 Punkte

๐Ÿ“Œ Low CVE-2020-13961: Strapi Strapi


๐Ÿ“ˆ 43.32 Punkte

๐Ÿ“Œ Low CVE-2020-27666: Strapi Strapi


๐Ÿ“ˆ 43.32 Punkte

๐Ÿ“Œ Medium CVE-2020-27665: Strapi Strapi


๐Ÿ“ˆ 43.32 Punkte

๐Ÿ“Œ Medium CVE-2020-27664: Strapi Strapi


๐Ÿ“ˆ 43.32 Punkte

๐Ÿ“Œ CVE-2022-39801 | SAP GRC Access control Emergency Access Management Firefighter Session access control (GHSA-jjjv-grgr-v8h3)


๐Ÿ“ˆ 36.49 Punkte

๐Ÿ“Œ CVE-2024-1046 | collizo4sky Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content Plugin Shortcode cross site scripting (ID 3030229)


๐Ÿ“ˆ 35.68 Punkte

๐Ÿ“Œ CVE-2024-3210 | collizo4sky Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content Plugin cross site scripting (ID 3067520)


๐Ÿ“ˆ 35.68 Punkte

๐Ÿ“Œ TIBCO FTP Community Edition up to 6.5.0 on Windows Server/C API/Golang API/Java API/.Net API access control


๐Ÿ“ˆ 35.03 Punkte

๐Ÿ“Œ CVE-2019-16919 | Harbor API Access Control API Request default permission (GHSA-x2r2-w9c7-h624)


๐Ÿ“ˆ 33.69 Punkte

๐Ÿ“Œ CVE-2024-0212 | Cloudflare Plugin up to 4.12.2 on Wordpress API access control (GHSA-h2fj-7r3m-7gf2)


๐Ÿ“ˆ 32.66 Punkte

๐Ÿ“Œ CVE-2022-41918 | OpenSearch up to 1.3.6/2.3.x Access Control Rules access control (GHSA-wmx7-x4jp-9jgg)


๐Ÿ“ˆ 31.65 Punkte

๐Ÿ“Œ django-registration up to 3.1.1 on Django User Registration information exposure


๐Ÿ“ˆ 30.99 Punkte

๐Ÿ“Œ Dropcontact: API key is not validated for C.R.M integration [Pipedrive] of LOGGED IN USER, A user can use another USER'S API key for this operation.


๐Ÿ“ˆ 29.74 Punkte

๐Ÿ“Œ CVE-2024-0701 | UserPro Plugin up to 5.1.6 on WordPress Membership Registration access control


๐Ÿ“ˆ 29.26 Punkte

๐Ÿ“Œ CVE-2022-31367 | Strapi up to 3.6.9/4.1.9 Admin API Response sql injection


๐Ÿ“ˆ 28.43 Punkte

๐Ÿ“Œ CVE-2022-28802 | Code by Zapier prior 2022-08-17 Role-Based Access Control access control


๐Ÿ“ˆ 28.33 Punkte

๐Ÿ“Œ CVE-2022-36075 | Nextcloud Files Access Control prior 1.12.2/1.13.1/1.14.1 Filename information disclosure (GHSA-4m73-g7v7-v62w)


๐Ÿ“ˆ 27.84 Punkte

๐Ÿ“Œ CVE-2022-39199 | Codenotary immudb Client SDK prior 1.4.1 access control (GHSA-6cqj-6969-p57x)


๐Ÿ“ˆ 27.84 Punkte

๐Ÿ“Œ CVE-2022-36111 | Codenotary immudb Client SDK prior 1.4.1 Server access control (GHSA-672p-m5jq-mrh8)


๐Ÿ“ˆ 27.84 Punkte

๐Ÿ“Œ CVE-2022-23513 | AdminLTE prior 5.18 phpqueryads.php access control (GHSA-6qh8-6rrj-7497)


๐Ÿ“ˆ 27.84 Punkte

๐Ÿ“Œ CVE-2022-48365 | eZ Platform Ibexa Kernel prior 1.3.26 access control (GHSA-8h83-chh2-fchp)


๐Ÿ“ˆ 27.84 Punkte

๐Ÿ“Œ CVE-2022-48367 | eZ Publish Ibexa Kernel prior 7.5.28 Object State access control (GHSA-5x4f-7xgq-r42x)


๐Ÿ“ˆ 27.84 Punkte

๐Ÿ“Œ CVE-2024-0965 | pluginsandsnippets Simple Page Access Restriction Plugin up to 1.0.21 on WordPress REST API access control (ID 3030099)


๐Ÿ“ˆ 27.67 Punkte

๐Ÿ“Œ CVE-2022-39289 | ZoneMinder API access control (GHSA-mpcx-3gvh-9488)


๐Ÿ“ˆ 27.51 Punkte

๐Ÿ“Œ CVE-2024-29200 | Kimai up to 2.12.x API insufficient granularity of access control (GHSA-cj3c-5xpm-cx94)


๐Ÿ“ˆ 27.51 Punkte

๐Ÿ“Œ CVE-2019-19609 | Strapi Framework up to 3.0.0-beta.17.7 Plugin execa input validation (ID 163940)


๐Ÿ“ˆ 27.41 Punkte

๐Ÿ“Œ Netgear JGS516PE prior 2.6.0.43 Access Control access control


๐Ÿ“ˆ 27.14 Punkte

๐Ÿ“Œ Using Strapi Policies To Create Editable User Profiles


๐Ÿ“ˆ 26.86 Punkte

๐Ÿ“Œ Display External User Avatars Using Strapi's Custom Routes as a Proxy


๐Ÿ“ˆ 26.86 Punkte

๐Ÿ“Œ Medium CVE-2020-35151: Online marriage registration system project Online marriage registration system


๐Ÿ“ˆ 26.38 Punkte

๐Ÿ“Œ Low CVE-2020-26052: Online marriage registration system project Online marriage registration system


๐Ÿ“ˆ 26.38 Punkte

๐Ÿ“Œ Low CVE-2021-29663: Course registration management system project Course registration management system


๐Ÿ“ˆ 26.38 Punkte

๐Ÿ“Œ Low CVE-2021-21416: Django-registration project Django-registration


๐Ÿ“ˆ 26.38 Punkte

๐Ÿ“Œ CVE-2022-43097 | Phpgurukul User Registration & User Management System 3.0 Form/Login Page firstname/lastname cross site scripting


๐Ÿ“ˆ 25.37 Punkte











matomo

Kontakt

24/7 [email protected]

Weitere Informationen

Google Android Playstore Download Button fรผr Team IT Security
๐Ÿ”— Impressum
๐Ÿ”— Datenschutz
Paypal Spenden fรผr Projekt

Social Media

๐Ÿ”— Facebook
๐Ÿ”— Reddit
๐Ÿ”— Team IT Security als Elektron App
๐Ÿ”— © 2015-2023 Team IT Security Nachrichtenportal รผber Cybersecurity
๐Ÿ”— CMS "myDraft" a PHP Portal Software