Publish Advisories

advisory-database[bot] · advisory-database[bot] · commit 3671bab7b3ba · 2025-11-15T02:16:01.000Z
GHSA-mgvx-rpfc-9mpv GHSA-2j97-4jmq-c4xf GHSA-q285-wfpg-93hr GHSA-4v8w-gg5j-ph37
diff --git a/advisories/github-reviewed/2025/03/GHSA-mgvx-rpfc-9mpv/GHSA-mgvx-rpfc-9mpv.json b/advisories/github-reviewed/2025/03/GHSA-mgvx-rpfc-9mpv/GHSA-mgvx-rpfc-9mpv.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-mgvx-rpfc-9mpv",
-  "modified": "2025-11-03T22:55:15Z",
+  "modified": "2025-11-15T02:13:04Z",
   "published": "2025-03-25T00:30:26Z",
   "aliases": [
     "CVE-2025-1974"
@@ -63,6 +63,10 @@
       "type": "WEB",
       "url": "https://github.com/kubernetes/kubernetes/issues/131009"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/B1ack4sh/Blackash-CVE-2025-1974"
+    },
     {
       "type": "PACKAGE",
       "url": "https://github.com/kubernetes/ingress-nginx"
diff --git a/advisories/github-reviewed/2025/10/GHSA-2j97-4jmq-c4xf/GHSA-2j97-4jmq-c4xf.json b/advisories/github-reviewed/2025/10/GHSA-2j97-4jmq-c4xf/GHSA-2j97-4jmq-c4xf.json
@@ -1,14 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-2j97-4jmq-c4xf",
-  "modified": "2025-10-31T21:25:36Z",
+  "modified": "2025-11-15T02:15:05Z",
   "published": "2025-10-31T18:31:15Z",
   "aliases": [
     "CVE-2025-62264"
   ],
   "summary": "Liferay Portal Vulnerable to Reflected XSS via the selectedLanguageId Parameter",
   "details": "Reflected cross-site scripting (XSS) vulnerability in Languauge Override in Liferay Portal 7.4.3.8 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, and 7.4 update 4 through update 92 allows remote attackers to inject arbitrary web script or HTML via the `_com_liferay_portal_language_override_web_internal_portlet_PLOPortlet_selectedLanguageId` parameter.",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"
diff --git a/advisories/github-reviewed/2025/10/GHSA-q285-wfpg-93hr/GHSA-q285-wfpg-93hr.json b/advisories/github-reviewed/2025/10/GHSA-q285-wfpg-93hr/GHSA-q285-wfpg-93hr.json
@@ -1,14 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-q285-wfpg-93hr",
-  "modified": "2025-11-03T20:16:18Z",
+  "modified": "2025-11-15T02:15:25Z",
   "published": "2025-10-31T21:31:02Z",
   "aliases": [
     "CVE-2025-62267"
   ],
   "summary": "Liferay Portal and DXP affected by multiple cross-site scripting (XSS) vulnerabilities in web content template’s select structure page",
   "details": "Multiple cross-site scripting (XSS) vulnerabilities in web content template’s select structure page in Liferay Portal 7.4.3.35 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, 7.4 update 35 through update 92 allow remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a user’s (1) First Name, (2) Middle Name, or (3) Last Name text field.",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"
diff --git a/advisories/github-reviewed/2025/11/GHSA-4v8w-gg5j-ph37/GHSA-4v8w-gg5j-ph37.json b/advisories/github-reviewed/2025/11/GHSA-4v8w-gg5j-ph37/GHSA-4v8w-gg5j-ph37.json
@@ -1,14 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-4v8w-gg5j-ph37",
-  "modified": "2025-11-04T22:16:19Z",
+  "modified": "2025-11-15T02:13:22Z",
   "published": "2025-11-03T17:07:36Z",
   "aliases": [
     "CVE-2025-47776"
   ],
   "summary": "MantisBT vulnerable to authentication bypass for some passwords due to PHP type juggling",
   "details": "Due to an incorrect use of loose (`==`) instead of strict (`===`) comparison in the [authentication code][1], PHP type juggling will cause interpretation of certain MD5 hashes as numbers, specifically those matching scientific notation.\n\n[1]: https://github.com/mantisbt/mantisbt/blob/0fb502dd613991e892ed2224ac5ea3e40ba632bc/core/authentication_api.php#L782\n\n### Impact\nOn MantisBT instances configured to use the *MD5* login method, user accounts having a password hash evaluating to zero (i.e. matching regex `^0+[Ee][0-9]+$`) are vulnerable, allowing an attacker knowing the victim's username to login without knowledge of their actual password, using any other password having a  hash evaluating to zero, for example `comito5` (0e579603064547166083907005281618). \n\nNo password bruteforcing for individual users is needed, thus $g_max_failed_login_count does not protect against the attack.\n\n### Patches\nFixed in 2.27.2.\n\n### Workarounds\nCheck the database for vulnerable accounts, and change those users' passwords, e.g. for MySQL:\n```sql\nSELECT username, email FROM mantis_user_table WHERE password REGEXP '^0+[Ee][0-9]+$'\n```\n\n### Credits\nThanks to Harry Sintonen / Reversec for discovering and reporting the issue.",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
