Overview
CVE-2025-65966 describes a vulnerability in OneUptime version 9.0.5598, a solution designed for monitoring and managing online services. This vulnerability allows users with low privileges to bypass the intended account creation interface and directly create new accounts via API requests. This could potentially lead to unauthorized access and resource manipulation.
Technical Details
In OneUptime version 9.0.5598, the account creation process implemented insufficient access control checks on the API endpoint responsible for creating new accounts. A low-permission user, by crafting a specific API request, could successfully create new user accounts without proper authorization. This circumvents the intended account creation workflow, which…
-
Overview
CVE-2025-65681 describes a sensitive data exposure vulnerability found in Overhang.IO (tutor-open-edx), specifically version 20.0.2. This vulnerability allows local unauthorized attackers to potentially access sensitive information due to the absence of proper cache-control HTTP headers and inadequate client-side session checks. Exploitation could lead to the leakage of user data, configuration details, or other confidential information.
Technical Details
The root cause of this vulnerability lies in the failure to implement proper cache-control HTTP headers. Without these headers, sensitive data may be cached by the browser or intermediate proxies, making it accessible to unauthorized users with local access to the system. Additionally,…
-
Overview
A stored Cross-Site Scripting (XSS) vulnerability has been identified in Classroomio LMS version 0.1.13. This vulnerability, tracked as CVE-2025-65676, allows authenticated attackers to inject arbitrary web scripts that execute in other users’ browsers. The vulnerability stems from insufficient sanitization of user-supplied input in SVG cover images.
Technical Details
The vulnerability lies in the way Classroomio LMS handles SVG files uploaded as cover images. An attacker can craft a malicious SVG file containing embedded JavaScript code. When a user views a page that displays this image (e.g., a course page, profile page), the embedded JavaScript will execute within their browser…
-
Overview
This article details a stored Cross-Site Scripting (XSS) vulnerability identified as CVE-2025-65675 affecting Classroomio LMS version 0.1.13. This vulnerability allows authenticated attackers to inject and execute arbitrary JavaScript code within the application, potentially leading to account compromise, data theft, and other malicious activities. The exploit is triggered by uploading a specially crafted SVG file as a user profile picture.
Technical Details
The vulnerability resides in the application’s handling of user-uploaded profile pictures, specifically when SVG files are permitted. The application fails to properly sanitize the SVG file content, allowing an attacker to embed malicious JavaScript code within the <svg>…
-
Overview
CVE-2025-65672 details an Insecure Direct Object Reference (IDOR) vulnerability found in classroomio version 0.1.13. This vulnerability allows unauthorized users to potentially access and modify course settings, including sharing and invitation configurations, without proper authorization. This could lead to significant security risks, potentially impacting data privacy and integrity within the classroomio platform.
Technical Details
The IDOR vulnerability exists in the handling of course identification during share and invite operations within classroomio 0.1.13. An attacker could potentially manipulate the course ID parameter in a request to access settings of a course they are not authorized to manage. By altering the course…
-
Overview
CVE-2025-65669 describes a critical vulnerability discovered in classroomio version 0.1.13. This flaw allows student accounts to delete courses directly from the “Explore” page. This action should be restricted to administrator accounts only. The vulnerability stems from a lack of proper authorization and authentication checks before executing the deletion function.
Technical Details
The vulnerability exists because the application fails to verify the user’s role or permissions before allowing them to delete a course. A student user can manipulate the application (e.g., by intercepting and modifying HTTP requests) to trigger the deletion functionality normally reserved for administrators. There are no apparent…
-
Overview
CVE-2025-26155 details an Untrusted Search Path vulnerability affecting NCP Secure Enterprise Client version 13.18 and NCP Secure Entry Windows Client version 13.19. This vulnerability could allow a local attacker to execute arbitrary code with elevated privileges. It is crucial to understand the implications and take immediate action to mitigate this risk.
Technical Details
The vulnerability stems from the application’s reliance on the Windows search path when loading certain DLL files. If a malicious DLL file with the same name as one expected by the NCP client is placed in a directory that appears earlier in the search path than…
-
Published: 2025-11-26T19:15:46.387
Overview
CVE-2021-4472 describes a local file inclusion (LFI) vulnerability found in the mistral-dashboard plugin for OpenStack. This vulnerability allows an attacker with sufficient privileges within the OpenStack environment to potentially read arbitrary files from the server’s file system. The flaw is located within the ‘Create Workbook’ feature of the dashboard.
Technical Details
The vulnerability arises from improper sanitization and validation of user-supplied input within the ‘Create Workbook’ functionality. Specifically, the application fails to adequately restrict the paths that can be specified when creating or importing a workbook. This allows an attacker to manipulate the input to include paths…
-
Overview
CVE-2025-64130 is a critical security vulnerability affecting Zenitel TCIV-3+ intercom systems. This vulnerability is a reflected Cross-Site Scripting (XSS) issue, which can be exploited by a remote attacker to execute arbitrary JavaScript code within a victim’s browser. Successful exploitation of this vulnerability can lead to session hijacking, defacement of the intercom’s web interface, or redirection of the user to malicious websites.
Technical Details
The vulnerability lies in the handling of user-supplied input within the web interface of the Zenitel TCIV-3+ device. Specifically, certain parameters are not properly sanitized before being reflected back to the user’s browser. An attacker can…
-
Overview
A critical out-of-bounds write vulnerability, identified as CVE-2025-64129, has been discovered in Zenitel TCIV-3+ devices. This vulnerability could allow a remote attacker to potentially crash the affected device, disrupting its normal operation. This poses a significant security risk, particularly for organizations relying on these devices for critical communication or security systems.
Technical Details
CVE-2025-64129 is an out-of-bounds write vulnerability within the Zenitel TCIV-3+ device. Out-of-bounds write vulnerabilities occur when a program writes data beyond the allocated memory buffer. A remote attacker, by sending specially crafted data to the affected device, could trigger this condition, potentially overwriting critical system memory…