February 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – FormBook Malware – Active IOCs
February 19, 2023Rewterz Threat Advisory – Multiple Microsoft SQL Server Vulnerabilities
February 20, 2023Rewterz Threat Alert – FormBook Malware – Active IOCs
February 19, 2023Rewterz Threat Advisory – Multiple Microsoft SQL Server Vulnerabilities
February 20, 2023
Severity
Medium
Analysis Summary
CVE-2023-22380
GitHub Enterprise Server could allow a remote authenticated attacker to traverse directories on the system, caused by improper validation of user request when building a GitHub Pages site. An attacker could send a specially-crafted URL request containing “dot dot” sequences (/../) to view arbitrary files on the system.
Impact
- Information Theft
Indicators Of Compromise
CVE
- CVE-2023-22380
Affected Vendors
GitHUB
Affected Products
- GitHub Enterprise Server 3.7.5
Remediation
Upgrade to the latest version of GitHub Enterprise Server, available from the GitHub Website.