all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Squiz Matrix CMS Authenticated Privilege Escalation through IDOR

Add to bookmarks
Aug. 31, 2022, midnight |

SpiderLabs Blog from Trustwave www.trustwave.com

During a recent engagement, Trustwave SpiderLabs discovered an Indirect Object Reference (IDOR) vulnerability within Squiz Matrix CMS which would allow any low privileged user to change the contact details of any other user on a Squiz Matrix instance (including administrators).

cms escalation idor matrix privilege privilege escalation

Visit resource

More from www.trustwave.com / SpiderLabs Blog from Trustwave

The Invisible Battleground: Essentials of EASM 1 day, 1 hour ago | www.trustwave.com
attack attack surface attack surface management cyber +13
EDR – The Multi-Tool of Security Defenses 1 day, 1 hour ago | www.trustwave.com
blog blog posts can cybersecurity +10
Fake Dialog Boxes to Make Malware More Convincing 6 days, 1 hour ago | www.trustwave.com
dialog engagement fake loader +7
The Secret Cipher: Modern Data Loss Prevention Solutions 1 week, 1 day ago | www.trustwave.com
automated can cipher data +18
CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway 1 week, 3 days ago | www.trustwave.com
alto arbitrary code attacker code +25
CNAPP, CSPM, CIEM, CWPP – Oh My! 2 weeks, 1 day ago | www.trustwave.com
alphabet ciem cnapp cspm +9
Phishing Deception - Suspended Domains Reveal Malicious Payload for Latin American Region 2 weeks, 4 days ago | www.trustwave.com
american attachment campaign deception +12
Zero Trust Essentials 3 weeks, 1 day ago | www.trustwave.com
blog blog posts can cybersecurity +8
Why We Should Probably Stop Visually Verifying Checksums 3 weeks, 6 days ago | www.trustwave.com
checksums hello start thanks +2

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Network AWS Cloud &Firewall Engineer

@ Arthur Grand Technologies Inc | Plano, TX, United States
View on infosec-jobs.com

Lead Consultant, Data Centre & BCP

@ Singtel | Singapore, Singapore
View on infosec-jobs.com

Protocol Security Engineer

@ Osmosis Labs | Remote
View on infosec-jobs.com

Technical Engineer - Payments Security Specialist

@ H&M Group | Bengaluru, India
View on infosec-jobs.com

Intern, Security Architecture

@ Sony | Work from Home-CA
View on infosec-jobs.com
View more jobs