Hello and welcome to the Tuesday, July 18, 2023 edition of the Sansanet Storm Center's Stormcast. My name is Johannes Ulrich and today I'm recording from Jacksonville, Florida.

Well, today we got a couple of different war on abilities to report about it are already being exploited.

Let's start with Simbra.

Simbra, the collaboration suite, published a blog post that in version 8815, there is cross-sad scripting vulnerability that is actively being exploited.

Apparently, some attacks against systems in

the Ukraine used this particular vulnerability. However, there is no simple patch. If you're reading

the Simpra block, it basically just advises you to edit a particular file and well what the edit does is probably what

it should do and that's just escape XML so basically properly escape this pre-filled parameter in a

form that will then prevent the particular cross-site scripting vulnerability from being exploited.

Second vulnerability is older, that's WooCommerce vulnerability that was patched back in March,

but again, is now actively being exploited.

WooCommerce is a payment plugin that works with Verde Breast,

so somewhat popular to create these.

The second vulnerability is a little bit older vulnerability, CVE 2020, 23, 28121.

It's a vulnerability in WooCommerce. WooCommerce is a WordPress plugin that's frequently used to sort of build online stores on top of WordPress. Back in March,

critical vulnerability was patched in WooCommerce that allows authentication bypass.

Essentially, any user may become an administrator exploiting this vulnerability.

Beginning of July, RCE security published some details about how to exploit this vulnerability.

Looks like attackers were listening and now are exploiting this particular problem.

It's actually one of those real simple ones where you set a specific header, essentially, to become

administrator. So really easy to exploit once you know. you set a specific header essentially to become administrator,

so really easy to exploit once you know how to do it.

...