Rewterz

Rewterz Threat Alert – Hard Pass: Declining APT34’s Invite to Join Their Professional Network

July 19, 2019
Rewterz

Rewterz Threat Alert – Trickbot Trojan Pushed By Fake Office 365 Sites as Browser Update

July 19, 2019

Rewterz Threat Advisory – CVE-2019-13345 – Squid Multiple Cross Site Scripting Vulnerabilities

Severity

Medium

Analysis Summary

Squid is prone to multiple cross-site scripting vulnerabilities because it fails to sanitize user-supplied input.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.

Impact

Cross site scripting

Affected Vendors

Squid

Affected Products

Squid versions through 4.7

Remediation

Update to version 4.8.

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.