CWE-668
DiscouragedExposure of Resource to Wrong Sphere
Abstraction: Class · Status: Draft
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
1251 vulnerabilities reference this CWE, most recent first.
GHSA-7MVW-H642-VQV7
Vulnerability from github – Published: 2022-05-11 00:00 – Updated: 2025-01-02 21:31Windows NTFS Information Disclosure Vulnerability.
{
"affected": [],
"aliases": [
"CVE-2022-26933"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-05-10T21:15:00Z",
"severity": "MODERATE"
},
"details": "Windows NTFS Information Disclosure Vulnerability.",
"id": "GHSA-7mvw-h642-vqv7",
"modified": "2025-01-02T21:31:32Z",
"published": "2022-05-11T00:00:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26933"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26933"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26933"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-7P22-9F27-W6FQ
Vulnerability from github – Published: 2022-04-16 00:00 – Updated: 2022-04-23 00:03A PHP Local File Inclusion vulneraility in the default Redbasic theme for Hubzilla before version 7.2 allows remote attackers to include arbitrary php files via the schema parameter.
{
"affected": [],
"aliases": [
"CVE-2022-27257"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-04-15T18:15:00Z",
"severity": "HIGH"
},
"details": "A PHP Local File Inclusion vulneraility in the default Redbasic theme for Hubzilla before version 7.2 allows remote attackers to include arbitrary php files via the schema parameter.",
"id": "GHSA-7p22-9f27-w6fq",
"modified": "2022-04-23T00:03:12Z",
"published": "2022-04-16T00:00:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27257"
},
{
"type": "WEB",
"url": "https://framagit.org/hubzilla/core/-/commit/0784cd593a39a4fc297e8a82f7e79bc8019a0868#1c497fbb3a46b78edf04cc2a2fa33f67e3ffbe2a"
},
{
"type": "WEB",
"url": "https://hubzilla.org/channel/hubzilla"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-7R3Q-QX4P-Q5JF
Vulnerability from github – Published: 2022-05-24 19:13 – Updated: 2022-07-13 00:01Lack of strict validation of bootmode can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
{
"affected": [],
"aliases": [
"CVE-2021-1929"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-09-08T12:15:00Z",
"severity": "MODERATE"
},
"details": "Lack of strict validation of bootmode can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables",
"id": "GHSA-7r3q-qx4p-q5jf",
"modified": "2022-07-13T00:01:02Z",
"published": "2022-05-24T19:13:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1929"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2021-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-7RHX-X8P4-75C7
Vulnerability from github – Published: 2022-05-13 01:03 – Updated: 2022-05-13 01:03Microsoft Internet Explorer 6 through 8 does not properly restrict web script, which allows user-assisted remote attackers to obtain sensitive information from a different (1) domain or (2) zone via vectors involving a drag-and-drop operation, aka "Drag and Drop Information Disclosure Vulnerability."
{
"affected": [],
"aliases": [
"CVE-2011-1258"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2011-06-16T20:55:00Z",
"severity": "MODERATE"
},
"details": "Microsoft Internet Explorer 6 through 8 does not properly restrict web script, which allows user-assisted remote attackers to obtain sensitive information from a different (1) domain or (2) zone via vectors involving a drag-and-drop operation, aka \"Drag and Drop Information Disclosure Vulnerability.\"",
"id": "GHSA-7rhx-x8p4-75c7",
"modified": "2022-05-13T01:03:28Z",
"published": "2022-05-13T01:03:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1258"
},
{
"type": "WEB",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-050"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12495"
},
{
"type": "WEB",
"url": "http://blogs.technet.com/b/msrc/archive/2011/06/09/june-advance-notification-service-and-10-immutable-laws-revisited.aspx"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-7V4X-V824-898C
Vulnerability from github – Published: 2022-07-18 00:00 – Updated: 2022-07-26 00:00In Montala ResourceSpace through 9.8 before r19636, csv_export_results_metadata.php allows attackers to export collection metadata via a non-NULL k value.
{
"affected": [],
"aliases": [
"CVE-2022-31260"
],
"database_specific": {
"cwe_ids": [
"CWE-306",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-17T20:15:00Z",
"severity": "MODERATE"
},
"details": "In Montala ResourceSpace through 9.8 before r19636, csv_export_results_metadata.php allows attackers to export collection metadata via a non-NULL k value.",
"id": "GHSA-7v4x-v824-898c",
"modified": "2022-07-26T00:00:28Z",
"published": "2022-07-18T00:00:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31260"
},
{
"type": "WEB",
"url": "https://github.com/grymer/CVE/blob/master/CVE-2022-31260.md"
},
{
"type": "WEB",
"url": "https://www.resourcespace.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-7V5M-29MQ-3XQ4
Vulnerability from github – Published: 2022-05-08 00:00 – Updated: 2022-05-18 00:00Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises "Note that Private Windows with Tor Connectivity in Brave are just regular private windows that use Tor as a proxy. Brave does NOT implement most of the privacy protections from Tor Browser."
{
"affected": [],
"aliases": [
"CVE-2022-30334"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-05-07T05:15:00Z",
"severity": "MODERATE"
},
"details": "Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises \"Note that Private Windows with Tor Connectivity in Brave are just regular private windows that use Tor as a proxy. Brave does NOT implement most of the privacy protections from Tor Browser.\"",
"id": "GHSA-7v5m-29mq-3xq4",
"modified": "2022-05-18T00:00:35Z",
"published": "2022-05-08T00:00:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30334"
},
{
"type": "WEB",
"url": "https://github.com/brave/brave-browser/issues/18071"
},
{
"type": "WEB",
"url": "https://github.com/brave/brave-core/pull/10760"
},
{
"type": "WEB",
"url": "https://hackerone.com/reports/1337624"
},
{
"type": "WEB",
"url": "https://support.brave.com/hc/en-us/articles/360018121491-What-is-a-Private-Window-with-Tor-Connectivity-"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-7V5M-MJHX-X6GC
Vulnerability from github – Published: 2022-05-24 19:18 – Updated: 2022-07-13 00:01An issue was discovered in Hyland org.alfresco:alfresco-content-services through 7.0.1.2. Script Action execution allows executing scripts uploaded outside of the Data Dictionary. This could allow a logged-in attacker to execute arbitrary code inside a sandboxed environment.
{
"affected": [],
"aliases": [
"CVE-2021-41790"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-10-21T09:15:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in Hyland org.alfresco:alfresco-content-services through 7.0.1.2. Script Action execution allows executing scripts uploaded outside of the Data Dictionary. This could allow a logged-in attacker to execute arbitrary code inside a sandboxed environment.",
"id": "GHSA-7v5m-mjhx-x6gc",
"modified": "2022-07-13T00:01:41Z",
"published": "2022-05-24T19:18:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41790"
},
{
"type": "WEB",
"url": "https://github.com/Alfresco/acs-packaging/blob/master/DISCLOSURES.md"
},
{
"type": "WEB",
"url": "https://www.themissinglink.com.au"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7V89-WQR4-9X78
Vulnerability from github – Published: 2022-01-14 00:02 – Updated: 2023-04-19 18:30Lack of validation for third party application accessing the service can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
{
"affected": [],
"aliases": [
"CVE-2021-30314"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-13T12:15:00Z",
"severity": "MODERATE"
},
"details": "Lack of validation for third party application accessing the service can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables",
"id": "GHSA-7v89-wqr4-9x78",
"modified": "2023-04-19T18:30:58Z",
"published": "2022-01-14T00:02:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30314"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/january-2022-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-7VQG-R6CW-6W76
Vulnerability from github – Published: 2022-08-02 00:00 – Updated: 2022-08-06 00:00The YaySMTP WordPress plugin before 2.2.1 does not have capability check before displaying the Mailer Credentials in JS code for the settings, allowing any authenticated users, such as subscriber to retrieve them
{
"affected": [],
"aliases": [
"CVE-2022-2370"
],
"database_specific": {
"cwe_ids": [
"CWE-668",
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-08-01T13:15:00Z",
"severity": "MODERATE"
},
"details": "The YaySMTP WordPress plugin before 2.2.1 does not have capability check before displaying the Mailer Credentials in JS code for the settings, allowing any authenticated users, such as subscriber to retrieve them",
"id": "GHSA-7vqg-r6cw-6w76",
"modified": "2022-08-06T00:00:49Z",
"published": "2022-08-02T00:00:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2370"
},
{
"type": "WEB",
"url": "https://wpscan.com/vulnerability/bedda2a9-6c52-478e-b17a-7a4488419334"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-7VR7-CGHH-CH63
Vulnerability from github – Published: 2023-06-20 16:45 – Updated: 2023-06-20 16:45Impact
The mail obfuscation configuration was not fully taken into account and while the mail displayed to the end user was obfuscated: - the rest response was also containing the mail unobfuscated - user were able to filter and sort on the unobfuscated (allowing to infer the mail content)
The consequence was the possibility to retrieve the email addresses of all users even when obfuscated.
See https://jira.xwiki.org/browse/XWIKI-20333 for the reproduction steps.
Patches
This has been patched in XWiki 14.10.4, XWiki 14.4.8, and XWiki 15.0-rc-1.
Workarounds
The workaround is to modify the page XWiki.LiveTableResultsMacros following this patch.
References
https://jira.xwiki.org/browse/XWIKI-20333
For more information
If you have any questions or comments about this advisory:
- Open an issue in Jira XWiki.org
- Email us at Security Mailing List
Attribution
This vulnerability has been reported on Intigriti by @floerer
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-livetable-ui"
},
"ranges": [
{
"events": [
{
"introduced": "3.5-milestone-1"
},
{
"fixed": "14.4.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-livetable-ui"
},
"ranges": [
{
"events": [
{
"introduced": "14.5"
},
{
"fixed": "14.10.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-34467"
],
"database_specific": {
"cwe_ids": [
"CWE-402",
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2023-06-20T16:45:32Z",
"nvd_published_at": "2023-06-23T17:15:09Z",
"severity": "HIGH"
},
"details": "### Impact\nThe mail obfuscation configuration was not fully taken into account and while the mail displayed to the end user was obfuscated:\n- the rest response was also containing the mail unobfuscated\n- user were able to filter and sort on the unobfuscated (allowing to infer the mail content)\n\nThe consequence was the possibility to retrieve the email addresses of all users even when obfuscated.\n\nSee https://jira.xwiki.org/browse/XWIKI-20333 for the reproduction steps.\n\n### Patches\nThis has been patched in XWiki 14.10.4, XWiki 14.4.8, and XWiki 15.0-rc-1.\n\n### Workarounds\nThe workaround is to modify the page `XWiki.LiveTableResultsMacros` following this [patch](https://github.com/xwiki/xwiki-platform/commit/71f889db9962df2d385f4298e29cfbc9050b828a#diff-5a739e5865b1f1ad9d79b724791be51b0095a0170cc078911c940478b13b949a).\n\n### References\n\nhttps://jira.xwiki.org/browse/XWIKI-20333\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n* Open an issue in [Jira XWiki.org](https://jira.xwiki.org/)\n* Email us at [Security Mailing List](mailto:security@xwiki.org)\n\n### Attribution\n\nThis vulnerability has been reported on Intigriti by @floerer",
"id": "GHSA-7vr7-cghh-ch63",
"modified": "2023-06-20T16:45:32Z",
"published": "2023-06-20T16:45:32Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-7vr7-cghh-ch63"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34467"
},
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/commit/71f889db9962df2d385f4298e29cfbc9050b828a#diff-5a739e5865b1f1ad9d79b724791be51b0095a0170cc078911c940478b13b949a"
},
{
"type": "PACKAGE",
"url": "https://github.com/xwiki/xwiki-platform"
},
{
"type": "WEB",
"url": "https://jira.xwiki.org/browse/XWIKI-20333"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "XWiki Platform may retrieve email addresses of all users "
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.