Security Vulnerabilities - CVEs Published In May 2019
IdentityServer IdentityServer4 through 2.4 has stored XSS via the httpContext to the host/Extensions/RequestLoggerMiddleware.cs LogForErrorContext method, which can be triggered by viewing a log. NOTE: the software maintainer disputes that this is a vulnerability because the request logger is not part of IdentityServer but only our development test host
CVSS Score
6.1
EPSS Score
0.002
Published
2019-05-21
sadmin/ceditpost.php in UCMS 1.4.7 allows SQL Injection via the index.php?do=sadmin_ceditpost cvalue parameter.
CVSS Score
8.8
EPSS Score
0.003
Published
2019-05-21
A missing permission check in Jenkins PAM Authentication Plugin 1.5 and earlier, except 1.4.1 in PamSecurityRealm.DescriptorImpl#doTest allowed users with Overall/Read permission to obtain limited information about the file /etc/shadow and the user Jenkins is running as.
CVSS Score
4.3
EPSS Score
0.0
Published
2019-05-21
Jenkins Credentials Plugin 2.1.18 and earlier allowed users with permission to create or update credentials to confirm the existence of files on the Jenkins master with an attacker-specified path, and obtain the certificate content of files containing a PKCS#12 certificate.
CVSS Score
4.3
EPSS Score
0.001
Published
2019-05-21
Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted request.
CVSS Score
7.2
EPSS Score
0.021
Published
2019-05-20
A carefully crafted malicious attachment could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking.
CVSS Score
6.1
EPSS Score
0.038
Published
2019-05-20
A carefully crafted InterWiki link could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking.
CVSS Score
6.1
EPSS Score
0.038
Published
2019-05-20
A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. Initial reporting indicated ReferredPagesPlugin, but further analysis showed that multiple plugins were vulnerable.
CVSS Score
6.1
EPSS Score
0.038
Published
2019-05-20
The WP Booking System plugin 1.5.1 for WordPress has no CSRF protection, which allows attackers to reach certain SQL injection issues that require administrative access.
CVSS Score
7.2
EPSS Score
0.001
Published
2019-05-20
The Virim plugin 0.4 for WordPress allows Insecure Deserialization via s_values, t_values, or c_values in graph.php.
CVSS Score
9.8
EPSS Score
0.008
Published
2019-05-20