Security Vulnerabilities - CVEs Published In 2021
Affected versions of Atlassian Jira Server and Data Center allow attackers with access to an administrator account that has had its access revoked to modify projects' Users & Roles settings, via a Broken Authentication vulnerability in the /plugins/servlet/project-config/PROJECT/roles endpoint. The affected versions are before version 8.19.1.
CVSS Score
7.5
EPSS Score
0.002
Published
2021-12-08
KNIME Server before 4.13.4 allows directory traversal in a request for a client profile.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-12-08
KNIME Server before 4.13.4 allows XSS via the old WebPortal login page.
CVSS Score
8.8
EPSS Score
0.006
Published
2021-12-08
Laravel is a web application framework. Laravel prior to versions 8.75.0, 7.30.6, and 6.20.42 contain a possible cross-site scripting (XSS) vulnerability in the Blade templating engine. A broken HTML element may be clicked and the user taken to another location in their browser due to XSS. This is due to the user being able to guess the parent placeholder SHA-1 hash by trying common names of sections. If the parent template contains an exploitable HTML structure an XSS vulnerability can be exposed. This vulnerability has been patched in versions 8.75.0, 7.30.6, and 6.20.42 by determining the parent placeholder at runtime and using a random hash that is unique to each request.
CVSS Score
5.3
EPSS Score
0.004
Published
2021-12-08
In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths.
CVSS Score
7.3
EPSS Score
0.001
Published
2021-12-08
An issue was discovered in Couchbase Sync Gateway 2.7.0 through 2.8.2. The bucket credentials used to read and write data in Couchbase Server were insecurely being stored in the metadata within sync documents written to the bucket. Users with read access could use these credentials to obtain write access. (This issue does not affect clusters where Sync Gateway is authenticated with X.509 client certificates. This issue also does not affect clusters where shared bucket access is not enabled on Sync Gateway.)
CVSS Score
8.1
EPSS Score
0.003
Published
2021-12-07
GL.iNet GL-AR150 2.x before 3.x devices, configured as repeaters, allow cgi-bin/router_cgi?action=scanwifi XSS when an attacker creates an SSID with an XSS payload as the name.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-12-07
Authenticated Blind & Error-based SQL injection vulnerability was discovered in Online Enrollment Management System in PHP and PayPal Free Source Code 1.0, that allows attackers to obtain sensitive information and execute arbitrary SQL commands via IDNO parameter.
CVSS Score
7.2
EPSS Score
0.004
Published
2021-12-07
Apereo CAS through 6.4.1 allows XSS via POST requests sent to the REST API endpoints.
CVSS Score
6.1
EPSS Score
0.68
Published
2021-12-07
ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. Crafted JSON objects with nesting tens-of-thousands deep could result in the web server being unable to service legitimate requests. Even a moderately large (e.g., 300KB) HTTP request can occupy one of the limited NGINX worker processes for minutes and consume almost all of the available CPU on the machine. Modsecurity 2 is similarly vulnerable: the affected versions include 2.8.0 through 2.9.4.
CVSS Score
7.5
EPSS Score
0.022
Published
2021-12-07