dotCMS v5.1.1 Vulnerabilities

2019-05-09 Thread John Martinelli
Hello, I identified several vulnerabilities in dotCMS v5.1.1 due to vulnerable open source dependencies. Full security write up: http://secureli.com/dotcms-v5-1-1-vulnerable-open-source-dependencies/ The details:  /ROOT/html/js/scriptaculous/prototype.js ↳ prototypejs 1.5.0 prototypejs

SEC Consult SA-20190509-0 :: Multiple Vulnerabilities in Gemalto (Thales Group) DS3 Authentication Server / Ezio Server

2019-05-09 Thread SEC Consult Vulnerability Lab
SEC Consult Vulnerability Lab Security Advisory < 20190509-0 > === title: Multiple Vulnerabilities product: Gemalto (Thales Group) DS3 Authentication Server / Ezio Server vuln