SEC Consult SA-20241127-0 :: Stored Cross-Site Scripting in Omada Identity (CVE-2024-52951)

Read Time:16 Second

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Nov 27

SEC Consult Vulnerability Lab Security Advisory < 20241127-0 >
=======================================================================
title: Stored Cross-Site Scripting
product: Omada Identity
vulnerable version: <v15U1, <v14.14 hotfix #309
fixed version: v15U1, v14.14 hotfix #309
CVE number: CVE-2024-52951
impact: Medium
homepage:…

mingw-python-jinja2-3.1.5-1.fc40

FEDORA-2025-5f04326f4f Packages in this update: mingw-python-jinja2-3.1.5-1.fc40 Update description: Update to jinja2-3.1.5. Read More

January 8, 2025

mingw-python-jinja2-3.1.5-1.fc41

FEDORA-2025-dbe19a2b1f Packages in this update: mingw-python-jinja2-3.1.5-1.fc41 Update description: Update to jinja2-3.1.5. Read More

January 8, 2025

seamonkey-2.53.20-2.el8

FEDORA-EPEL-2025-ef6b6c8d41 Packages in this update: seamonkey-2.53.20-2.el8 Update description: Fix bookmarks restoring from file. Update to 2.53.20 Read More

January 8, 2025

seamonkey-2.53.20-2.fc40

FEDORA-2025-4945eb6eeb Packages in this update: seamonkey-2.53.20-2.fc40 Update description: Fix bookmarks restoring from file. Update to 2.53.20 Read More

January 8, 2025

seamonkey-2.53.20-2.fc41

FEDORA-2025-135cf1b7f3 Packages in this update: seamonkey-2.53.20-2.fc41 Update description: Fix bookmarks restoring from file. Update to 2.53.20 Read More

January 8, 2025

USN-7190-1: Tinyproxy vulnerability

It was discovered that Tinyproxy did not properly manage memory during the parsing of HTTP connection headers. An attacker could...

January 8, 2025

US Launches Cyber Trust Mark for IoT Devices

Scammers Exploit Microsoft 365 to Target PayPal Users

Casio Admits Security Failings as Attackers Leak Employee and Customer Data

New Mirai Botnet Exploits Zero-Days in Routers and Smart Devices

Fake Government Officials Use Remote Access Tools for Card Fraud

Google’s Willow Quantum Chip and Its Potential Threat to Current Encryption Standards

A Day in the Life of a Prolific Voice Phishing Crew

The AI Fix #32: Agentic AI, killer robot fridges, and the robosexual revolution

New Research Highlights Vulnerabilities in MLOps Platforms

SEC Consult SA-20241127-0 :: Stored Cross-Site Scripting in Omada Identity (CVE-2024-52951)

mingw-python-jinja2-3.1.5-1.fc40

mingw-python-jinja2-3.1.5-1.fc41

seamonkey-2.53.20-2.el8

seamonkey-2.53.20-2.fc40

seamonkey-2.53.20-2.fc41

USN-7190-1: Tinyproxy vulnerability