Nautobot is a Network Source of Truth and Network Automation Platform built as a web application. All users of Nautobot versions earlier than 1.6.6 or 2.0.5 are potentially affected by a cross-site scripting vulnerability.
There are no known workarounds for this vulnerability. This issue has been addressed in release version 4.1.3. Should any HTTPS application be present on the internal network with a vulnerability exploitable via a GET call, then it would be possible to exploit this using this vulnerability. An attacker can send requests within internal networks and the local host. This can allow an attacker with control over the `translateOptions` to set the `tld` to a payload such as This causes the full URL to become where `translate.google.` is the username used to connect to localhost. The `translateOptions.tld` field is not properly sanitized before being placed in the Google translate URL. An attacker can set a malicious `tld`, causing the application to return unsafe URLs pointing towards local resources. A Server-Side Request Forgery (SSRF) Vulnerability is present in applications utilizing the `google-translate-api-browser` package and exposing the `translateOptions` to the end user. Google-translate-api-browser is an npm package which interfaces with the Google Translate web API.
This can allow authenticated attackers with contributor-level permissions or above to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. The Crayon Syntax Highlighter plugin for WordPress is vulnerable to Server Side Request Forgery via the 'crayon' shortcode in versions up to, and including, 2.8.4.
This information can be used to learn internal structure of the application and to further plot attacks against web servers and deployed web applications. The responses for web queries with certain parameters disclose internal path of resources.
By providing a URL-encoded input, attackers can cause the software’s web application to redirect to the chosen domain after a successful login is performed. A CWE-601 URL Redirection to Untrusted Site vulnerability exists that could cause an open redirect vulnerability leading to a cross-site scripting attack.