Microsoft Exchange Server Exploit Code Posted to GitHub

Subscribe to Newsletters

More Informa Tech Live Events

White Papers

7 Experts on Implementing Microsoft Defender for Endpoint

A Guide to Build vs Buy Service Models for Threat Detection and Response

Simplify Your Application Security

The Ultimate Cyber Skills Strategy Cheat Sheet

Gartner Market Guide for Insider Risk Management Solutions

More White Papers

Video

All Videos

Cartoon

Latest Comment: This comment is waiting for review by our moderators.

Cartoon Archive

Current Issue

2021 Top Enterprise IT TrendsWe’ve identified the key trends that are poised to impact the IT landscape in 2021. Find out why they’re important and how they will affect you today!

Back Issues | Must Reads

Flash Poll

All Polls

How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.

Download Now!

Assessing Cybersecurity Risk in Today’s Enterprises

0 comments

The Malware Threat Landscape

0 comments

How Data Breaches Affect the Enterprise (2020)

0 comments

More Reports

Twitter Feed

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database
CVE-2020-29045
PUBLISHED: 2021-03-11

The food-and-drink-menu plugin through 2.2.0 for WordPress allows remote attackers to execute arbitrary code because of an unserialize operation on the fdm_cart cookie in load_cart_from_cookie in includes/class-cart-manager.php.

CVE-2020-14988
PUBLISHED: 2021-03-11

An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows XSS in the login page via the loginmessage parameter, the text editor via the src attribute of HTML elements, the translations menu via the foldername parameter, the author page via the link URL, or the u…

CVE-2020-14989
PUBLISHED: 2021-03-11

An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows CSRF if the attacker uses GET where POST was intended.

CVE-2020-14987
PUBLISHED: 2021-03-11

An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows remote attackers to execute arbitrary code because there is a mishandling of the capability for administrators to write and run Groovy scripts within the updater editor. An attacker must use an AST transf…

CVE-2021-27679
PUBLISHED: 2021-03-11

Cross-site scripting (XSS) vulnerability in Navigation in Batflat CMS 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the field name.

The post Microsoft Exchange Server Exploit Code Posted to GitHub appeared first on Malware Devil.

https://malwaredevil.com/2021/03/11/microsoft-exchange-server-exploit-code-posted-to-github-2/?utm_source=rss&utm_medium=rss&utm_campaign=microsoft-exchange-server-exploit-code-posted-to-github-2