VARIoT IoT vulnerabilities database

In Omron CX-Supervisor Versions 3.30 and prior, use after free vulnerabilities can be exploited when CX Supervisor parses a specially crafted project file. Provided by OMRON Corporation CX-Supervisor Contains the following multiple vulnerabilities: * * Stack-based buffer overflow (CWE-121) - CVE-2018-7513 ∙ Stack-based buffer overflow may occur due to processing of specially crafted project files. * * Uninitialized pointer access (CWE-824) - CVE-2018-7515 There is a possibility of accessing an uninitialized pointer due to the processing of a specially crafted packet. * * Write outside memory boundary (CWE-787) - CVE-2018-7517 ∙ There is a possibility of writing outside the memory boundary due to processing of a specially crafted project file. * * Memory double release (CWE-415) - CVE-2018-7523 This is a memory double release vulnerability caused by processing of specially crafted project files. * * Untrusted pointer reference (CWE-822) - CVE-2018-7525 There is a possibility of referring to untrusted pointers due to processing of specially crafted packets.A remote attacker could execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of project files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. CX-Supervisor is a Miscellaneous Shareware software. CX-Supervisor is dedicated to the design and operation of PC visualization and machine control. There is a free use vulnerability in the Omron CX-Supervisor 3.30 version. Omron CX-Supervisor is prone to the following security vulnerabilities: 1. A stack-based buffer-overflow vulnerability 2. A heap-based buffer-overflow vulnerability 3. Omron CX-Supervisor Versions 3.30 and prior are vulnerable; other versions may also be affected. Omron CX-Supervisor is a visual machine controller produced by Omron Corporation of Japan

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a stack-based buffer overflow. * * Uninitialized pointer access (CWE-824) - CVE-2018-7515 There is a possibility of accessing an uninitialized pointer due to the processing of a specially crafted packet. * * Write outside memory boundary (CWE-787) - CVE-2018-7517 ∙ There is a possibility of writing outside the memory boundary due to processing of a specially crafted project file. * * Freed memory used (CWE-416) - CVE-2018-7521 This is a vulnerability in the use of released memory due to processing of specially crafted project files. * * Memory double release (CWE-415) - CVE-2018-7523 This is a memory double release vulnerability caused by processing of specially crafted project files. * * Untrusted pointer reference (CWE-822) - CVE-2018-7525 There is a possibility of referring to untrusted pointers due to processing of specially crafted packets.A remote attacker could execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of SCS project files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. CX-Supervisor is a Miscellaneous Shareware software. CX-Supervisor is dedicated to the design and operation of PC visualization and machine control. A buffer overflow vulnerability exists in Omron CX-Supervisor 3.30 and earlier. Omron CX-Supervisor is prone to the following security vulnerabilities: 1. A stack-based buffer-overflow vulnerability 2. A heap-based buffer-overflow vulnerability 3. Omron CX-Supervisor Versions 3.30 and prior are vulnerable; other versions may also be affected. Omron CX-Supervisor is a visual machine controller produced by Omron Corporation of Japan

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a heap-based buffer overflow. * * Uninitialized pointer access (CWE-824) - CVE-2018-7515 There is a possibility of accessing an uninitialized pointer due to the processing of a specially crafted packet. * * Write outside memory boundary (CWE-787) - CVE-2018-7517 ∙ There is a possibility of writing outside the memory boundary due to processing of a specially crafted project file. * * Freed memory used (CWE-416) - CVE-2018-7521 This is a vulnerability in the use of released memory due to processing of specially crafted project files. * * Memory double release (CWE-415) - CVE-2018-7523 This is a memory double release vulnerability caused by processing of specially crafted project files. * * Untrusted pointer reference (CWE-822) - CVE-2018-7525 There is a possibility of referring to untrusted pointers due to processing of specially crafted packets.A remote attacker could execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of SCS project files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. CX-Supervisor is a Miscellaneous Shareware software. CX-Supervisor is dedicated to the design and operation of PC visualization and machine control. Omron CX-Supervisor is prone to the following security vulnerabilities: 1. A stack-based buffer-overflow vulnerability 2. A heap-based buffer-overflow vulnerability 3. Omron CX-Supervisor Versions 3.30 and prior are vulnerable; other versions may also be affected. Omron CX-Supervisor is a visual machine controller produced by Omron Corporation of Japan

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause an out of bounds vulnerability. Provided by OMRON Corporation CX-Supervisor Contains the following multiple vulnerabilities: * * Stack-based buffer overflow (CWE-121) - CVE-2018-7513 ∙ Stack-based buffer overflow may occur due to processing of specially crafted project files. * * Uninitialized pointer access (CWE-824) - CVE-2018-7515 There is a possibility of accessing an uninitialized pointer due to the processing of a specially crafted packet. * * Write outside memory boundary (CWE-787) - CVE-2018-7517 ∙ There is a possibility of writing outside the memory boundary due to processing of a specially crafted project file. * * Heap-based buffer overflow (CWE-122) - CVE-2018-7519 ∙ A heap-based buffer overflow may occur due to processing of a specially crafted project file. * * Freed memory used (CWE-416) - CVE-2018-7521 This is a vulnerability in the use of released memory due to processing of specially crafted project files. * * Memory double release (CWE-415) - CVE-2018-7523 This is a memory double release vulnerability caused by processing of specially crafted project files. * * Untrusted pointer reference (CWE-822) - CVE-2018-7525 There is a possibility of referring to untrusted pointers due to processing of specially crafted packets.A remote attacker could execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of SCS project files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. CX-Supervisor is a Miscellaneous Shareware software. CX-Supervisor is dedicated to the design and operation of PC visualization and machine control. Omron CX-Supervisor is prone to the following security vulnerabilities: 1. A stack-based buffer-overflow vulnerability 2. A heap-based buffer-overflow vulnerability 3. Omron CX-Supervisor Versions 3.30 and prior are vulnerable; other versions may also be affected. Omron CX-Supervisor is a visual machine controller produced by Omron Corporation of Japan. An out-of-bounds read vulnerability exists in Omron CX-Supervisor 3.30 and earlier versions

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a double free vulnerability. Provided by OMRON Corporation CX-Supervisor Contains the following multiple vulnerabilities: * * Stack-based buffer overflow (CWE-121) - CVE-2018-7513 ∙ Stack-based buffer overflow may occur due to processing of specially crafted project files. * * Uninitialized pointer access (CWE-824) - CVE-2018-7515 There is a possibility of accessing an uninitialized pointer due to the processing of a specially crafted packet. * * Write outside memory boundary (CWE-787) - CVE-2018-7517 ∙ There is a possibility of writing outside the memory boundary due to processing of a specially crafted project file. * * Heap-based buffer overflow (CWE-122) - CVE-2018-7519 ∙ A heap-based buffer overflow may occur due to processing of a specially crafted project file. * * Untrusted pointer reference (CWE-822) - CVE-2018-7525 There is a possibility of referring to untrusted pointers due to processing of specially crafted packets.A remote attacker could execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of SCS project files. When parsing a malformed scatter chart object, the process does not properly validate the existence of an object prior to performing operations on it. An attacker can leverage this vulnerability to execute code under the context of the current process. CX-Supervisor is a Miscellaneous Shareware software. CX-Supervisor is dedicated to the design and operation of PC visualization and machine control. Omron CX-Supervisor is prone to the following security vulnerabilities: 1. A stack-based buffer-overflow vulnerability 2. A heap-based buffer-overflow vulnerability 3. Omron CX-Supervisor Versions 3.30 and prior are vulnerable; other versions may also be affected. Omron CX-Supervisor is a visual machine controller produced by Omron Corporation of Japan

In Omron CX-Supervisor Versions 3.30 and prior, processing a malformed packet by a certain executable may cause an untrusted pointer dereference vulnerability. Provided by OMRON Corporation CX-Supervisor Contains the following multiple vulnerabilities: * * Stack-based buffer overflow (CWE-121) - CVE-2018-7513 ∙ Stack-based buffer overflow may occur due to processing of specially crafted project files. * * Uninitialized pointer access (CWE-824) - CVE-2018-7515 There is a possibility of accessing an uninitialized pointer due to the processing of a specially crafted packet. * * Write outside memory boundary (CWE-787) - CVE-2018-7517 ∙ There is a possibility of writing outside the memory boundary due to processing of a specially crafted project file. * * Heap-based buffer overflow (CWE-122) - CVE-2018-7519 ∙ A heap-based buffer overflow may occur due to processing of a specially crafted project file. * * Freed memory used (CWE-416) - CVE-2018-7521 This is a vulnerability in the use of released memory due to processing of specially crafted project files. * * Memory double release (CWE-415) - CVE-2018-7523 This is a memory double release vulnerability caused by processing of specially crafted project files. * * Untrusted pointer reference (CWE-822) - CVE-2018-7525 There is a possibility of referring to untrusted pointers due to processing of specially crafted packets.A remote attacker could execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of CDM file. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code under the context of the current process. CX-Supervisor is a Miscellaneous Shareware software. CX-Supervisor is dedicated to the design and operation of PC visualization and machine control. Omron CX-Supervisor is prone to the following security vulnerabilities: 1. A stack-based buffer-overflow vulnerability 2. A heap-based buffer-overflow vulnerability 3. Omron CX-Supervisor Versions 3.30 and prior are vulnerable; other versions may also be affected. Omron CX-Supervisor is a visual machine controller produced by Omron Corporation of Japan

An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for firewall lan_manage mac2. TP-Link TL-WR886N The device contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. TP-LinkTL-WR886N is a wireless router product of China TP-LINK. There are security vulnerabilities in TP-LinkTL-WR886N6.02.3.4 and 7.01.1.0. A security vulnerability exists in TP-Link TL-WR886N 6.0 2.3.4 version and 7.0 1.1.0 version

Authentication bypass in Hanwha Techwin Smartcams. Hanwha Techwin Smartcam Authentication firmware contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HanwhaTechwinSmartcam is a series of security surveillance cameras based on cloud services. Hanwha Techwin Smartcams is a cloud-based security monitoring device from Hanwha Korea. There is a security flaw in Hanwha Techwin Smartcams

Denial of service by uploading malformed firmware in Hanwha Techwin Smartcams. Hanwha Techwin Smartcam Contains a data processing vulnerability.Denial of service (DoS) May be in a state. HanwhaTechwinSmartcam is a series of security surveillance cameras based on cloud services. Hanwha Techwin Smartcams is a cloud-based security monitoring device from Hanwha Korea. There is a security flaw in Hanwha Techwin Smartcams

Unsecured way of firmware update in Hanwha Techwin Smartcams. Hanwha Techwin Smartcam Authentication firmware contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HanwhaTechwinSmartcam is a series of security surveillance cameras based on cloud services. There is currently no detailed vulnerability description. Hanwha Techwin Smartcams is a cloud-based security monitoring device from Hanwha Korea. There is a security flaw in Hanwha Techwin Smartcams

Remote password change in Hanwha Techwin Smartcams. Hanwha Techwin Smartcam Vulnerabilities related to certificate and password management exist in the firmware.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HanwhaTechwinSmartcam is a series of security surveillance cameras based on cloud services. Hanwha Techwin Smartcams is a cloud-based security monitoring device from Hanwha Korea. There is a security flaw in Hanwha Techwin Smartcams

Buffer overflow in Hanwha Techwin Smartcams. Hanwha Techwin Smartcam Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HanwhaTechwinSmartcam is a series of security surveillance cameras based on cloud services. HanwhaTechwinSmartcam has a buffer overflow vulnerability that can be exploited by an attacker to cause a denial of service. Hanwha Techwin Smartcams is a cloud-based security monitoring device from Hanwha Korea

Arbitrary camera access and monitoring via cloud in Hanwha Techwin Smartcams. Hanwha Techwin Smartcam Contains firmware, authorization, authority, and access control vulnerabilities.Information may be obtained. HanwhaTechwinSmartcam is a series of security surveillance cameras based on cloud services. Hanwha Techwin Smartcams is a cloud-based security monitoring device from Hanwha Korea. There is a security flaw in Hanwha Techwin Smartcams

An Incorrect Default Permissions issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. Insecure default configuration may allow escalation of privileges that gives the actor full control over the system. OSIsoft PI Data Archive Contains a permission vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. OSIsoft PI Data Archive is a highly efficient storage and archiving component for high performance data retrieval through client software. Attackers can exploit these issues to execute arbitrary code with elevated privileges or cause denial-of-service conditions; other attacks may also be possible

A Deserialization of Untrusted Data issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. Unauthenticated users may modify deserialized data to send custom requests that crash the server. OSIsoft PI Data Archive is a highly efficient storage and archiving component for high performance data retrieval through client software. Attackers can exploit these issues to execute arbitrary code with elevated privileges or cause denial-of-service conditions; other attacks may also be possible

An Improper Input Validation issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. Unauthenticated users may use unvalidated custom requests to crash the server. OSIsoft PI Data Archive is a highly efficient storage and archiving component for high performance data retrieval through client software. Attackers can exploit these issues to execute arbitrary code with elevated privileges or cause denial-of-service conditions; other attacks may also be possible

.NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0 allow a denial of Service vulnerability due to how specially crafted requests are handled, aka ".NET Core Denial of Service Vulnerability". Microsoft .NET is prone to a denial-of-service vulnerability. Successful exploits will attackers to cause performance to degrade resulting in a denial of service condition. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Low: .NET Core on Red Hat Enterprise Linux security update Advisory ID: RHSA-2018:0522-01 Product: .NET Core on Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:0522 Issue date: 2018-03-14 CVE Names: CVE-2018-0875 ===================================================================== 1. Summary: Updates for rh-dotnet20-dotnet, rh-dotnetcore10-dotnetcore, and rh-dotnetcore11-dotnetcore are now available for .NET Core on Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 .NET Core on Red Hat Enterprise Linux Server (v. 7) - x86_64 .NET Core on Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. It implements a subset of the .NET framework APIs and includes a CLR implementation. These correspond to the March 2018 security release by .NET Core upstream projects. Security Fix(es): * .NET Core: Hash Collision Denial of Service (CVE-2018-0875) Red Hat would like to thank Ben Adams (Illyriad Games) for reporting this issue. For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Package List: .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7): Source: rh-dotnetcore10-dotnetcore-1.0.10-1.el7.src.rpm x86_64: rh-dotnetcore10-dotnetcore-1.0.10-1.el7.x86_64.rpm rh-dotnetcore10-dotnetcore-debuginfo-1.0.10-1.el7.x86_64.rpm .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7): Source: rh-dotnetcore11-dotnetcore-1.1.7-1.el7.src.rpm x86_64: rh-dotnetcore11-dotnetcore-1.1.7-1.el7.x86_64.rpm rh-dotnetcore11-dotnetcore-debuginfo-1.1.7-1.el7.x86_64.rpm .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7): Source: rh-dotnet20-dotnet-2.0.6-1.el7.src.rpm x86_64: rh-dotnet20-dotnet-2.0.6-1.el7.x86_64.rpm rh-dotnet20-dotnet-debuginfo-2.0.6-1.el7.x86_64.rpm rh-dotnet20-dotnet-host-2.0.6-1.el7.x86_64.rpm rh-dotnet20-dotnet-runtime-2.0-2.0.6-1.el7.x86_64.rpm rh-dotnet20-dotnet-sdk-2.1-2.1.101-1.el7.x86_64.rpm .NET Core on Red Hat Enterprise Linux Server (v. 7): Source: rh-dotnetcore10-dotnetcore-1.0.10-1.el7.src.rpm x86_64: rh-dotnetcore10-dotnetcore-1.0.10-1.el7.x86_64.rpm rh-dotnetcore10-dotnetcore-debuginfo-1.0.10-1.el7.x86_64.rpm .NET Core on Red Hat Enterprise Linux Server (v. 7): Source: rh-dotnetcore11-dotnetcore-1.1.7-1.el7.src.rpm x86_64: rh-dotnetcore11-dotnetcore-1.1.7-1.el7.x86_64.rpm rh-dotnetcore11-dotnetcore-debuginfo-1.1.7-1.el7.x86_64.rpm .NET Core on Red Hat Enterprise Linux Server (v. 7): Source: rh-dotnet20-dotnet-2.0.6-1.el7.src.rpm x86_64: rh-dotnet20-dotnet-2.0.6-1.el7.x86_64.rpm rh-dotnet20-dotnet-debuginfo-2.0.6-1.el7.x86_64.rpm rh-dotnet20-dotnet-host-2.0.6-1.el7.x86_64.rpm rh-dotnet20-dotnet-runtime-2.0-2.0.6-1.el7.x86_64.rpm rh-dotnet20-dotnet-sdk-2.1-2.1.101-1.el7.x86_64.rpm .NET Core on Red Hat Enterprise Linux Workstation (v. 7): Source: rh-dotnetcore10-dotnetcore-1.0.10-1.el7.src.rpm x86_64: rh-dotnetcore10-dotnetcore-1.0.10-1.el7.x86_64.rpm rh-dotnetcore10-dotnetcore-debuginfo-1.0.10-1.el7.x86_64.rpm .NET Core on Red Hat Enterprise Linux Workstation (v. 7): Source: rh-dotnetcore11-dotnetcore-1.1.7-1.el7.src.rpm x86_64: rh-dotnetcore11-dotnetcore-1.1.7-1.el7.x86_64.rpm rh-dotnetcore11-dotnetcore-debuginfo-1.1.7-1.el7.x86_64.rpm .NET Core on Red Hat Enterprise Linux Workstation (v. 7): Source: rh-dotnet20-dotnet-2.0.6-1.el7.src.rpm x86_64: rh-dotnet20-dotnet-2.0.6-1.el7.x86_64.rpm rh-dotnet20-dotnet-debuginfo-2.0.6-1.el7.x86_64.rpm rh-dotnet20-dotnet-host-2.0.6-1.el7.x86_64.rpm rh-dotnet20-dotnet-runtime-2.0-2.0.6-1.el7.x86_64.rpm rh-dotnet20-dotnet-sdk-2.1-2.1.101-1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-0875 https://access.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFaqUTsXlSAg2UNWIIRAuzUAKCDhqW/mE1ZwG1Bv9JVc2oVTo7cngCfUnVc slFh/sAwzwax82xICfw1G1M= =37s1 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Under certain conditions SAP Business Client 6.5 allows an attacker to access information which would otherwise be restricted. SAP Business Objects Business Intelligence Platform Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks

ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to how web applications that are created from templates validate web requests, aka "ASP.NET Core Elevation Of Privilege Vulnerability". The vendor ASP.NET Core As a privilege escalation vulnerability.Your privilege may be elevated. Microsoft ASP.NET Core is a cross-platform open source framework of Microsoft Corporation of the United States. The framework is used to build cloud-based applications such as web applications, IoT applications, and mobile backends. Attackers can use this vulnerability to implement HTML injection attacks to gain elevated permissions. An attacker can exploit this issue to gain elevated privileges

A Permissions, Privileges, and Access Controls issue was discovered in OSIsoft PI Web API versions 2017 R2 and prior. Privileges may be escalated, giving attackers access to the PI System via the service account. OSIsoft PI Web API Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. OSIsoft PI Web API is a product for accessing PI system data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, or gain elevated privileges and perform unauthorized actions. This may aid in further attacks