Posted by Andrey Stoykov on Dec 18
# Exploit Title: Stored XSS with Filter Bypass – blogenginev3.3.8
# Date: 12/2024
# Exploit Author: Andrey Stoykov
# Version: 3.3.8
# Tested on: Ubuntu 22.04
# Blog:
https://msecureltd.blogspot.com/2024/12/friday-fun-pentest-series-16-stored-xss.html
Stored XSS Filter Bypass #1:
Steps to Reproduce:
1. Login as admin and go to “Content” > “Posts”
2. On the right side of the page choose “Categories”
3. In…
Posted by Matthias Deeg via Fulldisclosure on Dec 18
Advisory ID: SYSS-2024-085
Product: CA Client Automation (CA DSM)
Manufacturer: Broadcom
Affected Version(s): 14.5.0.15
Tested Version(s): 14.5.0.15
Vulnerability Type: Improper Privilege Management (CWE-269)
Risk Level: High
Solution Status: Fixed
Manufacturer Notification: 2024-10-18
Solution Date: 2024-12-17
Public Disclosure:…
FEDORA-2024-03a1955920
Packages in this update:
webkitgtk-2.46.5-1.fc40
Update description:
Update to 2.46.5:
Fix several crashes and rendering issues.
CVE-2024-54479, CVE-2024-54502, CVE-2024-54508, CVE-2024-54505
FEDORA-2024-32bc143584
Packages in this update:
webkitgtk-2.46.5-1.fc41
Update description:
Update to 2.46.5:
Fix several crashes and rendering issues.
CVE-2024-54479, CVE-2024-54502, CVE-2024-54508, CVE-2024-54505
News, Advisories and much more