WPEngine Open-Source Dependency Vulnerability

An open-source dependency vulnerability affects WPEngine’s PHPCompat module on https://github.com/wpengine/phpcompat

/src/js/handlebars.js
↳ handlebars.js 4.0.3 has known vulnerabilities:
severity: high; summary: A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template; https://snyk.io/vuln/SNYK-JS-HANDLEBARS-173692 https://github.com/wycats/handlebars.js/commit/7372d4e9dffc9d70c09671aa28b9392a1577fd86
severity: high; summary: A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template; …

RetireJS Vulnerabilities Identified With RetireJS

I decided to scan RetireJS using its own codebase, and discovered the following issues in RetireJS:

/home/omi/clients/retire/firefox/test/web/dojo.js
↳ dojo 1.4.2 has known vulnerabilities: severity: medium; PR: 307; https://github.com/dojo/dojo/pull/307 https://dojotoolkit.org/blog/dojo-1-14-released
/home/omi/clients/retire/firefox/test/web/retire-example-0.0.1.js
↳ retire-example 0.0.1 has known vulnerabilities: severity: low; CVE: CVE-XXXX-XXXX, bug: 1234, summary: bug summary; http://github.com/eoftedal/retire.js/
/home/omi/clients/retire/firefox/test/web/retire-example.js
↳ retire-example 0.0.1 has known vulnerabilities: severity: low; …

The Art of Responding to Advisories, Responsible Patching, and Transparency with Users

Recently, I communicated 3 serious security vulnerabilities that affected a major Java-based CMS that powers. I sent a message via e-mail, and they quickly released a “hot fix” that was merely hiding the vulnerable files behind their authentication system. The reason this is not an effective way to protect your digital applications is because an …

dotCMS v5.1.1 HTML Injection & XSS Vulnerability

dotCMS v5.1.1 suffers from an HTML injection and XSS vulnerability, in addition to many other vulnerabilities that I am still verifying. Here’s a screenshot of HTML injection: To reproduce this vulnerability, simply go to https://dotcms.com/dotAdmin/ and log in with their demo credentials (username: [email protected] password: admin) and then visit the following URL: https://demo.dotcms.com/html/portlet/ext/files/edit_text_inc.jsp?referer=%22%3EHTML%20Code%20Injection%20Here%20and%20XSS%20Vulnerability%20%3Cbr%3E%3Cbr%3E There are more …

dotCMS v5.1.1 – Vulnerable Open Source Dependencies

dotCMS v5.1.1 suffers from several vulnerabilities due to the reliance on open source dependencies with publicly disclosed issues. These vulnerabilities are listed below:

Scanning open source dependencies of dotCMS_5.1.1

/ROOT/html/js/scriptaculous/prototype.js
↳ prototypejs 1.5.0
prototypejs 1.5.0 has known vulnerabilities: severity: high; CVE: CVE-2008-7220; http://www.cvedetails.com/cve/CVE-2008-7220/ http://prototypejs.org/2008/01/25/prototype-1-6-0-2-bug-fixes-performance-improvements-and-security/
ROOT/assets/3/6/36c22c5d-c813-4869-a4b7-fcc10a74e8b6/fileAsset/jquery.min.js
↳ jquery 1.9.1
jquery 1.9.1 has …