Stored XSS via Post Tittle Enabling Non-Privileged User to Privileged User Exploitation on https://forums.autodesk.com/

Bug reported by Manojkumar J was disclosed at February 26, 2025, 6:24 pm   |   Cross-site Scripting (XSS) - Stored

A stored cross-site scripting (XSS) vulnerability was found on Autodesk Forums. The vulnerability allowed an attacker to inject malicious JavaScript code when viewed by both non-privileged and privileged users. The vulnerability was fixed by Autodesk.

Non-Production API Endpoints for the Datazone Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration

Bug reported by Nick Frichette (Datadog) was disclosed at February 26, 2025, 3:00 pm   |   Insufficient Logging

The vulnerability found in the Datazone service allows an adversary to enumerate permissions of compromised credentials without logging to CloudTrail. Forty-four non-production endpoints were identified that can be accessed using standard IAM credentials and do not generate CloudTrail logs. This vulnerability was reported to AWS as a security issue, as it enables silent permission enumeration.

Unsufficent input verification leads to DoS and resource consumption

Bug reported by Tinine was disclosed at February 26, 2025, 6:58 am   |   Uncontrolled Resource Consumption

The vulnerability affects the API endpoint at api.sorare.com/api/v1/users/, where insufficient input verification of the email parameter was discovered. This allowed an attacker to submit an excessively long email, causing the server to become unresponsive and return a 503 Service Unavailable error. No further details on potential impacts were provided.

Account Takeover via Password Reset without user interactions

Bug reported by Asterion was disclosed at February 26, 2025, 6:29 am   |   Improper Access Control - Generic

The report submitted to GitLab described a vulnerability that allowed account takeover via the password reset form. The vulnerability was triggered by modifying the JSON request to include the victim's email along with the attacker's email. This resulted in the password reset email being sent to both emails, allowing the attacker to access the victim's account by using the reset link.