CWE-668
DiscouragedExposure of Resource to Wrong Sphere
Abstraction: Class · Status: Draft
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
1252 vulnerabilities reference this CWE, most recent first.
GHSA-H4M4-PGP4-WHGM
Vulnerability from github – Published: 2021-07-02 19:19 – Updated: 2022-10-25 20:25Impact
The reset password form reveals the email address of users just by giving their username.
Patches
The problem has been patched on XWiki 13.2RC1.
Workarounds
It's possible to manually modify the resetpasswordinline.vm to perform the changes made in https://github.com/xwiki/xwiki-platform/commit/0cf716250b3645a5974c80d8336dcdf885749dff#diff-14a3132e3986b1f5606dd13d9d8a8bb8634bec9932123c5e49e9604cfd850fc2
References
https://jira.xwiki.org/browse/XWIKI-18400
For more information
If you have any questions or comments about this advisory: * Open an issue in Jira XWiki * Email us at Security ML
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-web"
},
"ranges": [
{
"events": [
{
"introduced": "13.1"
},
{
"fixed": "13.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-32731"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2021-07-02T16:39:50Z",
"nvd_published_at": "2021-07-01T19:15:00Z",
"severity": "MODERATE"
},
"details": "### Impact\nThe reset password form reveals the email address of users just by giving their username.\n\n### Patches\nThe problem has been patched on XWiki 13.2RC1.\n\n### Workarounds\nIt\u0027s possible to manually modify the `resetpasswordinline.vm` to perform the changes made in https://github.com/xwiki/xwiki-platform/commit/0cf716250b3645a5974c80d8336dcdf885749dff#diff-14a3132e3986b1f5606dd13d9d8a8bb8634bec9932123c5e49e9604cfd850fc2\n\n### References\nhttps://jira.xwiki.org/browse/XWIKI-18400\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [Jira XWiki](https://jira.xiwki.org)\n* Email us at [Security ML](mailto:security@xwiki.org)\n",
"id": "GHSA-h4m4-pgp4-whgm",
"modified": "2022-10-25T20:25:48Z",
"published": "2021-07-02T19:19:04Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-h4m4-pgp4-whgm"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32731"
},
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/commit/0cf716250b3645a5974c80d8336dcdf885749dff#diff-14a3132e3986b1f5606dd13d9d8a8bb8634bec9932123c5e49e9604cfd850fc2"
},
{
"type": "PACKAGE",
"url": "https://github.com/xwiki/xwiki-platform"
},
{
"type": "WEB",
"url": "https://jira.xwiki.org/browse/XWIKI-18400"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "The reset password form reveal users email address"
}
GHSA-H57H-9X5H-V7JM
Vulnerability from github – Published: 2022-09-10 00:00 – Updated: 2022-09-15 00:00Improper restriction of broadcasting Intent in SaWebViewRelayActivity of?Waterplugin prior to version 2.2.11.22081151 allows attacker to access the file without permission.
{
"affected": [],
"aliases": [
"CVE-2022-36875"
],
"database_specific": {
"cwe_ids": [
"CWE-284",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-09-09T15:15:00Z",
"severity": "MODERATE"
},
"details": "Improper restriction of broadcasting Intent in SaWebViewRelayActivity of?Waterplugin prior to version 2.2.11.22081151 allows attacker to access the file without permission.",
"id": "GHSA-h57h-9x5h-v7jm",
"modified": "2022-09-15T00:00:17Z",
"published": "2022-09-10T00:00:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36875"
},
{
"type": "WEB",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2022\u0026month=09"
},
{
"type": "WEB",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year==2022\u0026month=09"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-H5FG-GGGQ-X5VH
Vulnerability from github – Published: 2025-09-18 15:30 – Updated: 2026-01-27 21:31In the Linux kernel, the following vulnerability has been resolved:
HID: intel-ish-hid: Fix kernel panic during warm reset
During warm reset device->fw_client is set to NULL. If a bus driver is registered after this NULL setting and before new firmware clients are enumerated by ISHTP, kernel panic will result in the function ishtp_cl_bus_match(). This is because of reference to device->fw_client->props.protocol_name.
ISH firmware after getting successfully loaded, sends a warm reset notification to remove all clients from the bus and sets device->fw_client to NULL. Until kernel v5.15, all enabled ISHTP kernel module drivers were loaded right after any of the first ISHTP device was registered, regardless of whether it was a matched or an unmatched device. This resulted in all drivers getting registered much before the warm reset notification from ISH.
Starting kernel v5.16, this issue got exposed after the change was introduced to load only bus drivers for the respective matching devices. In this scenario, cros_ec_ishtp device and cros_ec_ishtp driver are registered after the warm reset device fw_client NULL setting. cros_ec_ishtp driver_register() triggers the callback to ishtp_cl_bus_match() to match ISHTP driver to the device and causes kernel panic in guid_equal() when dereferencing fw_client NULL pointer to get protocol_name.
{
"affected": [],
"aliases": [
"CVE-2023-53392"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-18T14:15:42Z",
"severity": "HIGH"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: intel-ish-hid: Fix kernel panic during warm reset\n\nDuring warm reset device-\u003efw_client is set to NULL. If a bus driver is\nregistered after this NULL setting and before new firmware clients are\nenumerated by ISHTP, kernel panic will result in the function\nishtp_cl_bus_match(). This is because of reference to\ndevice-\u003efw_client-\u003eprops.protocol_name.\n\nISH firmware after getting successfully loaded, sends a warm reset\nnotification to remove all clients from the bus and sets\ndevice-\u003efw_client to NULL. Until kernel v5.15, all enabled ISHTP kernel\nmodule drivers were loaded right after any of the first ISHTP device was\nregistered, regardless of whether it was a matched or an unmatched\ndevice. This resulted in all drivers getting registered much before the\nwarm reset notification from ISH.\n\nStarting kernel v5.16, this issue got exposed after the change was\nintroduced to load only bus drivers for the respective matching devices.\nIn this scenario, cros_ec_ishtp device and cros_ec_ishtp driver are\nregistered after the warm reset device fw_client NULL setting.\ncros_ec_ishtp driver_register() triggers the callback to\nishtp_cl_bus_match() to match ISHTP driver to the device and causes kernel\npanic in guid_equal() when dereferencing fw_client NULL pointer to get\nprotocol_name.",
"id": "GHSA-h5fg-gggq-x5vh",
"modified": "2026-01-27T21:31:33Z",
"published": "2025-09-18T15:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53392"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/38518593ec55e897abda4b4be77b2ec8ec4447d1"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/45b9055a3a3ff6e8c08faad82ea36a8644a81587"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6c8cc40c588f8080a164d88336b1490279e0f1da"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-H5M9-C2H6-X3RP
Vulnerability from github – Published: 2022-01-11 00:01 – Updated: 2022-01-15 00:03In Beaver Themer, attackers can bypass conditional logic controls (for hiding content) when viewing the post archives. Exploitation requires that a Themer layout is applied to the archives, and that the post excerpt field is not set.
{
"affected": [],
"aliases": [
"CVE-2021-42749"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-10T14:10:00Z",
"severity": "MODERATE"
},
"details": "In Beaver Themer, attackers can bypass conditional logic controls (for hiding content) when viewing the post archives. Exploitation requires that a Themer layout is applied to the archives, and that the post excerpt field is not set.",
"id": "GHSA-h5m9-c2h6-x3rp",
"modified": "2022-01-15T00:03:32Z",
"published": "2022-01-11T00:01:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42749"
},
{
"type": "WEB",
"url": "https://docs.wpbeaverbuilder.com/beaver-builder/developer/conditionally-hidden-content"
},
{
"type": "WEB",
"url": "https://tekfused.com/tek/vulnerability-research/beaver-builder-vulnerabilities-visibility-conditional-logic-cve"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-H5WH-7H2J-H999
Vulnerability from github – Published: 2022-04-15 00:00 – Updated: 2022-04-26 13:04SWHKD 1.1.5 consumes the keyboard events of unintended users. This could potentially cause an information leak, but is usually a denial of functionality.
{
"affected": [
{
"package": {
"ecosystem": "crates.io",
"name": "Simple-Wayland-HotKey-Daemon"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.1.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-27817"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2022-04-26T13:04:22Z",
"nvd_published_at": "2022-04-14T17:15:00Z",
"severity": "MODERATE"
},
"details": "SWHKD 1.1.5 consumes the keyboard events of unintended users. This could potentially cause an information leak, but is usually a denial of functionality.",
"id": "GHSA-h5wh-7h2j-h999",
"modified": "2022-04-26T13:04:22Z",
"published": "2022-04-15T00:00:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27817"
},
{
"type": "PACKAGE",
"url": "https://github.com/waycrate/swhkd"
},
{
"type": "WEB",
"url": "https://github.com/waycrate/swhkd/releases"
},
{
"type": "WEB",
"url": "https://www.openwall.com/lists/oss-security/2022/04/14/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"type": "CVSS_V3"
}
],
"summary": "Exposure of Resource to Wrong Sphere in Simple-Wayland-HotKey-Daemon"
}
GHSA-H6G2-MC2X-J8WM
Vulnerability from github – Published: 2022-05-24 19:09 – Updated: 2022-07-13 00:01muc.lib.lua in Prosody 0.11.0 through 0.11.9 allows remote attackers to obtain sensitive information (list of admins, members, owners, and banned entities of a Multi-User chat room) in some common configurations.
{
"affected": [],
"aliases": [
"CVE-2021-37601"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-07-30T14:15:00Z",
"severity": "HIGH"
},
"details": "muc.lib.lua in Prosody 0.11.0 through 0.11.9 allows remote attackers to obtain sensitive information (list of admins, members, owners, and banned entities of a Multi-User chat room) in some common configurations.",
"id": "GHSA-h6g2-mc2x-j8wm",
"modified": "2022-07-13T00:01:34Z",
"published": "2022-05-24T19:09:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37601"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7BZRRPCNOETB4MN4XSYPRBBKDIHO27DY"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EMKIOEP2CYWHVVUCNWISPE4AGH4IR7O2"
},
{
"type": "WEB",
"url": "https://prosody.im"
},
{
"type": "WEB",
"url": "https://prosody.im/security/advisory_20210722"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2021/07/28/4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-H732-87V7-7449
Vulnerability from github – Published: 2024-12-25 18:30 – Updated: 2024-12-25 18:30Dell NativeEdge, version(s) 2.1.0.0, contain(s) a Creation of Temporary File With Insecure Permissions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
{
"affected": [],
"aliases": [
"CVE-2024-52543"
],
"database_specific": {
"cwe_ids": [
"CWE-378",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-25T16:15:22Z",
"severity": "MODERATE"
},
"details": "Dell NativeEdge, version(s) 2.1.0.0, contain(s) a Creation of Temporary File With Insecure Permissions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.",
"id": "GHSA-h732-87v7-7449",
"modified": "2024-12-25T18:30:45Z",
"published": "2024-12-25T18:30:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52543"
},
{
"type": "WEB",
"url": "https://www.dell.com/support/kbdoc/en-us/000258904/dsa-2024-488-security-update-for-dell-nativeedge-multiple-vulnerabilities"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-H872-JXR7-Q7RJ
Vulnerability from github – Published: 2022-02-15 00:02 – Updated: 2023-08-08 15:31** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by information disclosure via directory listing. A potential attacker can use this misconfiguration to access all the files in the remote directories. Note: the product has not been supported since 2018 and should be removed or replaced.
{
"affected": [],
"aliases": [
"CVE-2021-45421"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-02-14T14:15:00Z",
"severity": "HIGH"
},
"details": "** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by information disclosure via directory listing. A potential attacker can use this misconfiguration to access all the files in the remote directories. Note: the product has not been supported since 2018 and should be removed or replaced.",
"id": "GHSA-h872-jxr7-q7rj",
"modified": "2023-08-08T15:31:43Z",
"published": "2022-02-15T00:02:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45421"
},
{
"type": "WEB",
"url": "https://www.swascan.com/emerson"
},
{
"type": "WEB",
"url": "http://dixell.com"
},
{
"type": "WEB",
"url": "http://emerson.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-H8G5-2596-XJH9
Vulnerability from github – Published: 2025-03-27 15:31 – Updated: 2025-03-28 18:33Following the sandbox escape in CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. Attackers were able to confuse the parent process into leaking handles to unprivileged child processes leading to a sandbox escape. The original vulnerability was being exploited in the wild. This only affects Firefox on Windows. Other operating systems are unaffected. This vulnerability affects Firefox < 136.0.4, Firefox ESR < 128.8.1, and Firefox ESR < 115.21.1.
{
"affected": [],
"aliases": [
"CVE-2025-2857"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-27T14:15:55Z",
"severity": "CRITICAL"
},
"details": "Following the sandbox escape in CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. Attackers were able to confuse the parent process into leaking handles to unprivileged child processes leading to a sandbox escape. \nThe original vulnerability was being exploited in the wild. \n*This only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 136.0.4, Firefox ESR \u003c 128.8.1, and Firefox ESR \u003c 115.21.1.",
"id": "GHSA-h8g5-2596-xjh9",
"modified": "2025-03-28T18:33:09Z",
"published": "2025-03-27T15:31:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2857"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1956398"
},
{
"type": "WEB",
"url": "https://issues.chromium.org/issues/405143032"
},
{
"type": "WEB",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2783"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2025-19"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-H8M9-2C4V-J2JX
Vulnerability from github – Published: 2022-05-24 17:43 – Updated: 2022-05-24 17:43The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox < 85.
{
"affected": [],
"aliases": [
"CVE-2021-23958"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-02-26T03:15:00Z",
"severity": "MODERATE"
},
"details": "The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox \u003c 85.",
"id": "GHSA-h8m9-2c4v-j2jx",
"modified": "2022-05-24T17:43:11Z",
"published": "2022-05-24T17:43:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23958"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1642747"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2021-03"
}
],
"schema_version": "1.4.0",
"severity": []
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.