The Mozilla Foundation has patched nine High risk vulnerabilities in Firefox 96, as well as new security protections to guard against Cross-Site Request Forgery (CSRF) attacks.
Cybersecurity researchers have discovered a series of chained Atlassian vulnerabilities that could have allowed an attacker to take over an Atlassian account connected via SSO and control Atlassian applications.
Drupal has released security updates to address Critical cross site request forgery (CSRF) and Arbitrary PHP code execution vulnerabilities affecting multiple versions of Drupal. A remote attacker could exploit these vulnerabilities to compromise an affected system. In the first security advisory SA-CORE-2020-004, Drupal patched one Critical CSRF vulnerability CVE-2020-13663. This issues exists when Drupal core Form …
Cisco has released security updates for Webex, IOS, and other products. Two of the vulnerabilities are rated High severity and should be prioritized.
A security researcher recently detected a zero-day CSRF vulnerability CVE-2019-12922 in phpMyAdmin 18.104.22.168, which allows the deletion of any server in the Setup page.