Linkace
Monthly
LinkAce versions 2.1.0 and earlier allow authenticated users to inappropriately associate other users' private taxonomies with their own links through insufficient authorization checks in the processTaxonomy() method. This enables privilege escalation where attackers can gain unauthorized access to private tags and lists belonging to other users on the same instance. The vulnerability requires valid authentication credentials and has no available patch at this time.
Server-side request forgery in LinkAce allows authenticated users to make arbitrary HTTP requests to internal network addresses and cloud metadata endpoints by providing malicious URLs during link creation, bypassing validation controls that exist elsewhere in the application. An attacker with valid credentials can exploit this to access Docker service hostnames, internal services, and sensitive metadata endpoints. No patch is currently available for this vulnerability affecting PHP-based LinkAce deployments.
Stored XSS in LinkAce 2.4.2 and below allows authenticated users to inject malicious JavaScript through improperly sanitized list descriptions in the Atom feed endpoint, which executes in browsers via native SVG elements without requiring an RSS reader. An attacker can exploit this to perform actions on behalf of victims visiting the feed URL, with public exploit code already available. A patch is available to remediate this cross-site scripting vulnerability affecting the self-hosted link archiving application.
LinkAce is a self-hosted archive to collect website links. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
LinkAce is a self-hosted archive to collect website links. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
LinkAce is a self-hosted archive to collect website links. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
LinkAce is a self-hosted archive to collect website links. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. Public exploit code available.
LinkAce is a self-hosted archive to collect website links. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
LinkAce is a self-hosted archive to collect website links. Rated high severity (CVSS 8.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
LinkAce versions 2.1.0 and earlier allow authenticated users to inappropriately associate other users' private taxonomies with their own links through insufficient authorization checks in the processTaxonomy() method. This enables privilege escalation where attackers can gain unauthorized access to private tags and lists belonging to other users on the same instance. The vulnerability requires valid authentication credentials and has no available patch at this time.
Server-side request forgery in LinkAce allows authenticated users to make arbitrary HTTP requests to internal network addresses and cloud metadata endpoints by providing malicious URLs during link creation, bypassing validation controls that exist elsewhere in the application. An attacker with valid credentials can exploit this to access Docker service hostnames, internal services, and sensitive metadata endpoints. No patch is currently available for this vulnerability affecting PHP-based LinkAce deployments.
Stored XSS in LinkAce 2.4.2 and below allows authenticated users to inject malicious JavaScript through improperly sanitized list descriptions in the Atom feed endpoint, which executes in browsers via native SVG elements without requiring an RSS reader. An attacker can exploit this to perform actions on behalf of victims visiting the feed URL, with public exploit code already available. A patch is available to remediate this cross-site scripting vulnerability affecting the self-hosted link archiving application.
LinkAce is a self-hosted archive to collect website links. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
LinkAce is a self-hosted archive to collect website links. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
LinkAce is a self-hosted archive to collect website links. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
LinkAce is a self-hosted archive to collect website links. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. Public exploit code available.
LinkAce is a self-hosted archive to collect website links. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
LinkAce is a self-hosted archive to collect website links. Rated high severity (CVSS 8.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.