Missing Authorization vulnerability in SecuPress SecuPress Free secupress.This issue affects SecuPress Free: from n/a through <= 2.2.5.3. [CVSS 5.3 MEDIUM]
This affects versions of the package bn.j versions up to 5.2.3. is affected by loop with unreachable exit condition (infinite loop) (CVSS 5.3).
uTLS versions 1.6.0 through 1.8.0 fail to properly mimic Chrome's cipher suite selection behavior when using GREASE ECH, randomly choosing ChaCha20 for encrypted client hello while consistently using AES for the outer handshake—a mismatch that does not occur in actual Chrome and creates detectable fingerprints. This inconsistency affects users relying on uTLS for fingerprinting resistance and could enable network observers to distinguish uTLS traffic from legitimate Chrome connections. A patch is available to correct the cipher suite selection logic.
Frappe Learning Management System versions 2.44.0 and below allow unauthenticated attackers to retrieve sensitive details about unpublished courses through API endpoints, exposing course content that should remain restricted. This information disclosure vulnerability affects all users of the affected versions, with no patch currently available pending the 2.45.0 release.
PJSIP versions 2.16 and below contain a heap buffer overflow in the H.264 video unpacketizer that fails to properly validate NAL unit size fields in malformed SRTP packets, allowing remote attackers to trigger memory corruption on systems receiving H.264 video streams. The vulnerability has a CVSS score of 5.3 and enables information disclosure through heap memory access. A patch is available for affected deployments.
Reflected XSS in SVXportal 2.5 and earlier allows unauthenticated attackers to inject malicious JavaScript through an unsanitized search parameter in log.php, enabling session hijacking or unauthorized actions when victims click a crafted link. The vulnerability requires user interaction but has no authentication requirement and affects all users of the vulnerable versions.
SVXportal version 2.5 and earlier allow unauthenticated attackers to perform stored cross-site scripting attacks through the user registration form, where unencoded user inputs are persisted and executed in administrator browsers. An attacker can inject malicious JavaScript via registration fields like firstname, lastname, or email that will trigger when administrators access the users management interface. No patch is currently available for this vulnerability.
SVXportal 2.5 and earlier allows authenticated attackers to inject arbitrary scripts through an unsanitized stationid parameter in radiomobile_front.php, which executes in an administrator's browser context when they visit a crafted URL. This reflected XSS vulnerability enables attackers to hijack admin sessions or execute unauthorized actions with administrative privileges. No patch is currently available.
SVXportal 2.5 and earlier allows authenticated users to inject malicious scripts into user profile fields (firstname, lastname, email, image_url) that execute in administrators' browsers when viewing user management pages. An attacker with a valid account can exploit this stored XSS vulnerability to perform administrative actions or steal session credentials by targeting users with higher privileges. No patch is currently available for this vulnerability.
Reflected XSS in SVXportal 2.5 and earlier allows attackers to inject malicious JavaScript through the search parameter in admin/log.php, which executes in administrators' browsers when they visit a crafted URL. An authenticated attacker could exploit this to steal admin sessions, forge administrative actions, or perform other browser-based attacks with elevated privileges. No patch is currently available.
Kargo versions 1.9.0 through 1.9.2 fail to enforce the custom "promote" authorization verb in three REST API endpoints, allowing authenticated users with standard Kubernetes RBAC permissions to trigger promotions without the intended fine-grained access controls. An attacker with patch permissions on freight status or create permissions on promotions can bypass promotion pipeline restrictions and advance software artifacts unauthorized. A patch is available to restore the missing authorization checks.
Tanium addressed a use-after-free vulnerability in the Cloud Workloads Enforce client extension. [CVSS 4.7 MEDIUM]
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fox-themes Prague prague-plugins allows Reflected XSS.This issue affects Prague: from n/a through <= 2.2.8. [CVSS 7.1 HIGH]
Seraphinite Solutions Seraphinite Accelerator seraphinite-accelerator is affected by missing authorization (CVSS 4.3).