NewsPortal flaws reported

New flaws have been identified in NewsPortal that can be used to conduct cross-site scripting attacks by malicious users.

The highly critical flaw is caused by an input validation error in .php files, according to vulnerability monitoring firm Secunia. The flaw can be exploited to include arbitrary files from local and external resources.

“Some input isn’t properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an affected site,” according to a Secunia advisory.

One solution to avoid malicious exploitation is to upgrade to NewsPortal version 0.37, according to an advisory posted on the French Security Incident Response Team site.

Service NSW launches Digital ID pilot

Telstra to outsource up to 442 tech roles to Infosys

Optus traces mobile outage to database software update glitch

Aussie Broadband to buy AGL's retail telco arm for $125m

Windows Secure Boot certificates expire in June, Microsoft warns

NewsPortal flaws reported

New flaws have been identified in NewsPortal that can be used to conduct cross-site scripting attacks by malicious users.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

Services Australia describes fraud, debt-related machine learning use cases

Under malware threat, runaway AI agent project OpenClaw turns to Google's VirusTotal

Windows Secure Boot certificates expire in June, Microsoft warns

Errant security certificate behind six-hour Senate web service outage

Most popular tech stories

ANZ deploys Agentforce to supercharge new CRM system

CBA sets up dedicated AI risk committee for governance

ABC drops Salesforce for Braze

Nissan's A/NZ finance arm embarks on $35m digital transformation

Blacktown City Council trials AI for development applications

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Telstra Purple acquires IoT specialists Alliance Automation, Aqura Technologies

'Touch-free' smartphone controlled with head movements

Blackberry celebrates "giant step forward"

Photos: Australian industry explores data for net zero

Photos: The 2024 IoT Awards winners

Service NSW launches Digital ID pilot

Telstra to outsource up to 442 tech roles to Infosys

Optus traces mobile outage to database software update glitch

Aussie Broadband to buy AGL's retail telco arm for $125m

Windows Secure Boot certificates expire in June, Microsoft warns

NewsPortal flaws reported

New flaws have been identified in NewsPortal that can be used to conduct cross-site scripting attacks by malicious users.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

Services Australia describes fraud, debt-related machine learning use cases

Under malware threat, runaway AI agent project OpenClaw turns to Google's VirusTotal

Windows Secure Boot certificates expire in June, Microsoft warns

Errant security certificate behind six-hour Senate web service outage

Most popular tech stories

ANZ deploys Agentforce to supercharge new CRM system

CBA sets up dedicated AI risk committee for governance

ABC drops Salesforce for Braze

Nissan's A/NZ finance arm embarks on $35m digital transformation

Blacktown City Council trials AI for development applications

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Telstra Purple acquires IoT specialists Alliance Automation, Aqura Technologies

'Touch-free' smartphone controlled with head movements

Blackberry celebrates "giant step forward"

Photos: Australian industry explores data for net zero

Photos: The 2024 IoT Awards winners

Log In