cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score CVE-2024-23673,https://securityvulnerability.io/vulnerability/CVE-2024-23673,Malicious Code Execution via Path Traversal in Apache Sling Servlets Resolver,"A vulnerability has been identified in the Apache Sling Servlets Resolver that allows for malicious code execution through path traversal. This issue affects all versions prior to 2.11.0. The degree of vulnerability is contingent on the specific configuration of the system. If exploited, users with write access to the repository could manipulate the Sling Servlet Resolver into executing a script that has been previously uploaded. It is advisable to upgrade to version 2.11.0 to mitigate this risk effectively, regardless of current system configuration.",Apache,Apache Sling Servlets Resolver,7.5,HIGH,0.0009599999757483602,false,,false,false,false,,,false,false,,2024-02-06T10:04:21.294Z,0 CVE-2022-45064,https://securityvulnerability.io/vulnerability/CVE-2022-45064,Apache Sling Engine: Include-based XSS,"A notable vulnerability exists in the Apache Sling Engine where the SlingRequestDispatcher fails to correctly implement the RequestDispatcher API. This flaw creates opportunities for a generic type of include-based cross-site scripting attacks at the Apache Sling level. Attackers can exploit this vulnerability by including a resource with specific content-types and controlling the include path. This unauthorized access can lead to serious consequences, such as privilege escalation to administrative roles. To mitigate this risk, it is crucial to update to Apache Sling Engine version 2.14.0 or later and to enable the 'Check Content-Type overrides' configuration option.",Apache,Apache Sling Engine,8,HIGH,0.0016400000313296914,false,,false,false,false,,,false,false,,2023-04-13T10:01:14.502Z,0 CVE-2023-26513,https://securityvulnerability.io/vulnerability/CVE-2023-26513,Apache Sling Resource Merger: Requests to certain paths managed by the Apache Sling Resource Merger can lead to DoS,"An excessive iteration vulnerability has been identified in the Apache Sling Resource Merger component, affecting versions prior to 1.4.2. This flaw could potentially be exploited by attackers to compromise the application’s integrity and lead to various security risks. It is crucial for users of the affected versions to implement the recommended updates to safeguard their applications and data.",Apache,Apache Sling Resource Merger,7.5,HIGH,0.0015899999998509884,false,,false,false,false,,,false,false,,2023-03-20T13:15:00.000Z,0 CVE-2023-25621,https://securityvulnerability.io/vulnerability/CVE-2023-25621,Apache Sling does not allow to handle i18n content in a secure way,"Privilege Escalation vulnerability in Apache Software Foundation Apache Sling. Any content author is able to create i18n dictionaries in the repository in a location the author has write access to. As these translations are used across the whole product, it allows an author to change any text or dialog in the product. For example an attacker might fool someone by changing the text on a delete button to ""Info"". This issue affects the i18n module of Apache Sling up to version 2.5.18. Version 2.6.2 and higher limit by default i18m dictionaries to certain paths in the repository (/libs and /apps). Users of the module are advised to update to version 2.6.2 or higher, check the configuration for resource loading and then adjust the access permissions for the configured path accordingly. ",Apache,Apache Sling,6.5,MEDIUM,0.0005499999970197678,false,,false,false,false,,,false,false,,2023-02-23T09:15:00.000Z,0 CVE-2023-25141,https://securityvulnerability.io/vulnerability/CVE-2023-25141,JNDI injection into Apache sling-org-apache-sling-jcr-base,"Apache Sling JCR Base versions prior to 3.1.12 are susceptible to an injection vulnerability when utilized with outdated Java Development Kit (JDK) versions, specifically JDK 1.8.191 or earlier. This vulnerability exists within utility functions in the RepositoryAccessor, namely getRepository and getRepositoryFromURL, which permit unauthorized access to remote data over JDNI and RMI protocols. It is essential for users to either update to Apache Sling JCR Base version 3.1.12 or above or transition to a more current version of JDK to mitigate the risks associated with this vulnerability.",Apache,Apache Sling JCR Base,7.5,HIGH,0.000859999970998615,false,,false,false,false,,,false,false,,2023-02-14T13:15:00.000Z,0 CVE-2023-22849,https://securityvulnerability.io/vulnerability/CVE-2023-22849,Apache Sling App CMS: XSS in CMS Reference / UI Components,"An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Sling App CMS version 1.1.4 and prior may allow an authenticated remote attacker to perform a reflected cross-site scripting (XSS) attack in multiple features. Upgrade to Apache Sling App CMS >= 1.1.6 ",Apache,Apache Sling App CMS,6.1,MEDIUM,0.0017800000496208668,false,,false,false,false,,,false,false,,2023-02-04T21:15:00.000Z,0 CVE-2022-46769,https://securityvulnerability.io/vulnerability/CVE-2022-46769,Apache Sling App CMS: XSS in CMS Site Group Detail,"An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Sling App CMS version 1.1.2 and prior may allow an authenticated remote attacker to perform a reflected cross-site scripting (XSS) attack in the site group feature. Upgrade to Apache Sling App CMS >= 1.1.4 ",Apache,Apache Sling App Cms,5.4,MEDIUM,0.0007099999929778278,false,,false,false,false,,,false,false,,2023-01-09T10:14:56.823Z,0 CVE-2022-43670,https://securityvulnerability.io/vulnerability/CVE-2022-43670,XSS in Sling CMS Reference App Taxonomy Path,An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Sling App CMS version 1.1.0 and prior may allow an authenticated remote attacker to perform a reflected cross site scripting (XSS) attack in the taxonomy management feature.,Apache,Apache Sling App Cms,5.4,MEDIUM,0.0007099999929778278,false,,false,false,false,,,false,false,,2022-11-02T00:00:00.000Z,0 CVE-2022-32549,https://securityvulnerability.io/vulnerability/CVE-2022-32549,log injection in Sling logging,Apache Sling Commons Log <= 5.4.0 and Apache Sling API <= 2.25.0 are vulnerable to log injection. The ability to forge logs may allow an attacker to cover tracks by injecting fake logs and potentially corrupt log files.,Apache,Apache Sling,5.3,MEDIUM,0.0015999999595806003,false,,false,false,false,,,false,false,,2022-06-22T14:25:10.000Z,0 CVE-2021-44549,https://securityvulnerability.io/vulnerability/CVE-2021-44549,SMTPS server hostname not checked when making TLS connection to SMTPS server,"Apache Sling Commons Messaging Mail provides a simple layer on top of JavaMail/Jakarta Mail for OSGi to send mails via SMTPS. To reduce the risk of ""man in the middle"" attacks additional server identity checks must be performed when accessing mail servers. For compatibility reasons these additional checks are disabled by default in JavaMail/Jakarta Mail. The SimpleMailService in Apache Sling Commons Messaging Mail 1.0 lacks an option to enable these checks for the shared mail session. A user could enable these checks nevertheless by accessing the session via the message created by SimpleMessageBuilder and setting the property mail.smtps.ssl.checkserveridentity to true. Apache Sling Commons Messaging Mail 2.0 adds support for enabling server identity checks and these checks are enabled by default. - https://javaee.github.io/javamail/docs/SSLNOTES.txt - https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-summary.html - https://github.com/eclipse-ee4j/mail/issues/429",Apache,Apache Sling Commons Messaging Mail,7.4,HIGH,0.0008200000156648457,false,,false,false,false,,,false,false,,2021-12-14T15:15:10.000Z,0 CVE-2020-1949,https://securityvulnerability.io/vulnerability/CVE-2020-1949,,Scripts in Sling CMS before 0.16.0 do not property escape the Sling Selector from URLs when generating navigational elements for the administrative consoles and are vulnerable to reflected XSS attacks.,Apache,Apache Sling,6.1,MEDIUM,0.0026400000788271427,false,,false,false,false,,,false,false,,2020-04-01T18:25:32.000Z,0 CVE-2017-15717,https://securityvulnerability.io/vulnerability/CVE-2017-15717,,"A flaw in the way URLs are escaped and encoded in the org.apache.sling.xss.impl.XSSAPIImpl#getValidHref and org.apache.sling.xss.impl.XSSFilterImpl#isValidHref allows special crafted URLs to pass as valid, although they carry XSS payloads. The affected versions are Apache Sling XSS Protection API 1.0.4 to 1.0.18, Apache Sling XSS Protection API Compat 1.1.0 and Apache Sling XSS Protection API 2.0.0.",Apache,Apache Sling,6.1,MEDIUM,0.0021200000774115324,false,,false,false,false,,,false,false,,2018-01-10T00:00:00.000Z,0 CVE-2012-3353,https://securityvulnerability.io/vulnerability/CVE-2012-3353,,"The Apache Sling JCR ContentLoader 2.1.4 XmlReader used in the Sling JCR content loader module makes it possible to import arbitrary files in the content repository, including local files, causing potential information leaks. Users should upgrade to version 2.1.6 of the JCR ContentLoader",Apache,Apache Sling,7.5,HIGH,0.0007200000109151006,false,,false,false,false,,,false,false,,2018-01-09T02:29:00.000Z,0 CVE-2017-15700,https://securityvulnerability.io/vulnerability/CVE-2017-15700,,"A flaw in the org.apache.sling.auth.core.AuthUtil#isRedirectValid method in Apache Sling Authentication Service 1.4.0 allows an attacker, through the Sling login form, to trick a victim to send over their credentials.",Apache,Apache Sling,8.8,HIGH,0.0007200000109151006,false,,false,false,false,,,false,false,,2017-12-18T00:00:00.000Z,0 CVE-2017-9802,https://securityvulnerability.io/vulnerability/CVE-2017-9802,,"The Javascript method Sling.evalString() in Apache Sling Servlets Post before 2.3.22 uses the javascript 'eval' function to parse input strings, which allows for XSS attacks by passing specially crafted input strings.",Apache,Sling Servlets Post,6.1,MEDIUM,0.0021800000686198473,false,,false,false,false,,,false,false,,2017-08-14T13:00:00.000Z,0 CVE-2016-5394,https://securityvulnerability.io/vulnerability/CVE-2016-5394,,"In the XSS Protection API module before 1.0.12 in Apache Sling, the encoding done by the XSSAPI.encodeForJSString() method is not restrictive enough and for some input patterns allows script tags to pass through unencoded, leading to potential XSS vulnerabilities.",Apache,Apache Sling,6.1,MEDIUM,0.000699999975040555,false,,false,false,false,,,false,false,,2017-07-19T15:29:00.000Z,0 CVE-2016-6798,https://securityvulnerability.io/vulnerability/CVE-2016-6798,,"In the XSS Protection API module before 1.0.12 in Apache Sling, the method XSS.getValidXML() uses an insecure SAX parser to validate the input string, which allows for XXE attacks in all scripts which use this method to validate user input, potentially allowing an attacker to read sensitive data on the filesystem, perform same-site-request-forgery (SSRF), port-scanning behind the firewall or DoS the application.",Apache,Apache Sling,9.8,CRITICAL,0.002139999996870756,false,,false,false,true,2018-11-19T08:59:42.000Z,true,false,false,,2017-07-19T15:29:00.000Z,0 CVE-2016-0956,https://securityvulnerability.io/vulnerability/CVE-2016-0956,,"The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0, allows remote attackers to obtain sensitive information via unspecified vectors.",Apache,Sling,7.5,HIGH,0.01776999980211258,false,,false,false,false,,,false,false,,2016-02-10T20:00:00.000Z,0 CVE-2015-2944,https://securityvulnerability.io/vulnerability/CVE-2015-2944,,"Multiple cross-site scripting (XSS) vulnerabilities in Apache Sling API before 2.2.2 and Apache Sling Servlets Post before 2.1.2 allow remote attackers to inject arbitrary web script or HTML via the URI, related to (1) org/apache/sling/api/servlets/HtmlResponse and (2) org/apache/sling/servlets/post/HtmlResponse.",Apache,"Sling Servlets Post,Sling Api",,,0.003379999892786145,false,,false,false,false,,,false,false,,2015-06-02T14:00:00.000Z,0 CVE-2013-4390,https://securityvulnerability.io/vulnerability/CVE-2013-4390,,"Open redirect vulnerability in the AbstractAuthenticationFormServlet in the Auth Core (org.apache.sling.auth.core) bundle before 1.1.4 in Apache Sling allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the resource parameter, related to ""a custom login form and XSS.""",Apache,"Sling Auth Core Component,Sling",,,0.001820000004954636,false,,false,false,false,,,false,false,,2013-10-24T03:48:00.000Z,0