{"vulnerability": "cve-2024-4378", "sightings": [{"uuid": "c2dafbf7-1920-41a2-9d7b-dcd806fdf3a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43784", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113551135091689384", "content": "", "creation_timestamp": "2024-11-26T20:26:58.658475Z"}, {"uuid": "64ee302e-f3c9-4877-95ae-85f4dc21fa74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43788", "type": "seen", "source": "https://gist.github.com/Wbaker7702/53198661ba029cb1af08a9ce551dbeb5", "content": "", "creation_timestamp": "2025-10-14T05:07:38.000000Z"}, {"uuid": "f4da5a6e-236d-471b-8000-ac7c0e578411", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43788", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1007", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-43788\n\ud83d\udd39 Description: Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack\u2019s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue.\n\ud83d\udccf Published: 2024-08-27T17:07:16.285Z\n\ud83d\udccf Modified: 2025-01-09T17:41:35.616Z\n\ud83d\udd17 References:\n1. https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986\n2. https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270\n3. https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61\n4. https://research.securitum.com/xss-in-amp4email-dom-clobbering\n5. https://scnps.co/papers/sp23_domclob.pdf", "creation_timestamp": "2025-01-09T18:19:34.000000Z"}, {"uuid": "bd81a63b-f300-4c93-8d79-ca414ad22c50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43789", "type": "seen", "source": "https://t.me/cvedetector/7284", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43789 - Discourse Denial of Service (DoS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43789 \nPublished : Oct. 7, 2024, 9:15 p.m. | 36\u00a0minutes ago \nDescription : Discourse is an open source platform for community discussion. A user can create a post with many replies, and then attempt to fetch them all at once. This can potentially reduce the availability of a Discourse instance. This problem has been patched in the latest version of Discourse. All users area are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-08T00:19:49.000000Z"}, {"uuid": "03e08929-f408-424c-b48c-1292760238c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43785", "type": "seen", "source": "https://t.me/cvedetector/3916", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43785 - Gitoxide Untrusted Path and Metadata Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43785 \nPublished : Aug. 22, 2024, 3:15 p.m. | 18\u00a0minutes ago \nDescription : gitoxide An idiomatic, lean, fast & safe pure Rust implementation of Git. gitoxide-core, which provides most underlying functionality of the gix and ein commands, does not neutralize newlines, backspaces, or control characters\u2014including those that form ANSI escape sequences\u2014that appear in a repository's paths, author and committer names, commit messages, or other metadata. Such text may be written as part of the output of a command, as well as appearing in error messages when an operation fails. This sometimes allows an untrusted repository to misrepresent its contents and to alter or concoct error messages. \nSeverity: 2.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-22T17:42:29.000000Z"}, {"uuid": "98fedf9a-4964-46af-abb7-2921dc94ad17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43783", "type": "seen", "source": "https://t.me/cvedetector/4264", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43783 - \"Apollo Router Custom Plugin Denial of Service and External Coprocessing Memory Exhaustion\"\", \n  \"Content\": \"CVE ID : CVE-2024-43783 \nPublished : Aug. 27, 2024, 6:15 p.m. | 22\u00a0minutes ago \nDescription : The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Instances of the Apollo Router running versions >=1.21.0 and =1.7.0 and Severity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-27T20:44:21.000000Z"}, {"uuid": "dc0f765f-6675-41eb-9343-ac99fc4eac10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43788", "type": "seen", "source": "https://t.me/cvedetector/4259", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43788 - WebPack DOM Clobbering XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43788 \nPublished : Aug. 27, 2024, 5:15 p.m. | 34\u00a0minutes ago \nDescription : Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack\u2019s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-27T19:54:07.000000Z"}, {"uuid": "a8a8a876-ff37-4f50-82a3-c653cff36c19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43782", "type": "seen", "source": "https://t.me/cvedetector/3998", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43782 - OpenedX Translations Vulnerability: Script Injection Weakness\", \n  \"Content\": \"CVE ID : CVE-2024-43782 \nPublished : Aug. 23, 2024, 3:15 p.m. | 34\u00a0minutes ago \nDescription : This openedx-translations repository contains translation files from Open edX repositories to be kept in sync with Transifex. Before moving to pulling translations from the openedx-translations repository via openedx-atlas, translations in the edx-platform repository were validated using edx-i18n-tools. This validation included protection against malformed translations and translations-based script injections. Prior to this patch, the validation implemented in the openedx-translations repository did not include the same protections. The maintainer inspected the translations in the edx-platform directory of both the main and open-release/redwood.master branches of the openedx-translations repository and found no evidence of exploited translation strings. \nSeverity: 7.7 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-23T17:58:10.000000Z"}, {"uuid": "4e069992-2059-4a6f-91db-71aed70a59bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43781", "type": "seen", "source": "https://t.me/cvedetector/5210", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43781 - Siemens Sinumerik Insertion of Sensitive Information into Log File Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43781 \nPublished : Sept. 10, 2024, 10:15 a.m. | 39\u00a0minutes ago \nDescription : A vulnerability has been identified in SINUMERIK 828D V4 (All versions Severity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-10T13:23:51.000000Z"}, {"uuid": "b08a8fbc-bb70-4d4c-a7b6-37ea16e65831", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43780", "type": "seen", "source": "https://t.me/cvedetector/3933", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43780 - Mattermost Guest File Upload Permission Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43780 \nPublished : Aug. 22, 2024, 4:15 p.m. | 39\u00a0minutes ago \nDescription : Mattermost versions 9.9.x Severity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-22T19:23:14.000000Z"}, {"uuid": "62cee514-a5c1-46ec-81ee-cdee9afb5bdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43787", "type": "seen", "source": "https://t.me/cvedetector/3920", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43787 - Hono CSRF MIME Type Header Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-43787 \nPublished : Aug. 22, 2024, 3:15 p.m. | 18\u00a0minutes ago \nDescription : Hono is a Web application framework that provides support for any JavaScript runtime. Hono CSRF middleware can be bypassed using crafted Content-Type header. MIME types are case insensitive, but isRequestedByFormElementRe only matches lower-case. As a result, attacker can bypass csrf middleware using upper-case form-like MIME type. This vulnerability is fixed in 4.5.8. \nSeverity: 5.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-22T17:42:35.000000Z"}]}