Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.exchange/users/catc0n/statuses/113997296172337824">Caitlin Condon (catc0n@infosec.exchange)'s status on Friday, 14-Feb-2025 00:33:46 JST</a><a href="https://infosec.exchange/@catc0n" title="catc0n@infosec.exchange"><img src="https://gnusocial.jp/avatar/237167-48-20240121172844.webp" width="48" height="48" alt="Caitlin Condon" style="position: absolute; left: 0; top: 0;">Caitlin Condon</a><div><ul><li></ul></div></section><article><p>New <a href="https://infosec.exchange/tags/Rapid7" rel="tag">#Rapid7</a> vuln disclosure c/o <br><a href="https://bird.makeup/users/stephenfewer">@stephenfewer</a>: CVE-2025-1094 is a SQL injection flaw in PostgreSQL's psql interactive tool that was discovered while analyzing BeyondTrust RS CVE-2024-12356. The bug is interesting —   🧵on its relation to BeyondTrust exploitation <a href="https://www.rapid7.com/blog/post/2025/02/13/cve-2025-1094-postgresql-psql-sql-injection-fixed/" rel="nofollow">https://www.rapid7.com/blog/post/2025/02/13/cve-2025-1094-postgresql-psql-sql-injection-fixed/</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4559273#notice-8925785">In conversation</a><time datetime="2025-02-14T00:33:46+09:00" title="Friday, 14-Feb-2025 00:33:46 JST">about 2 months ago</time> <span>from <span><a href="https://infosec.exchange/@catc0n/113997296172337824" rel="external" title="Sent from infosec.exchange via ActivityPub">infosec.exchange</a></span></span><a href="https://infosec.exchange/@catc0n/113997296172337824">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: blog.rapid7.com</div><h5><a href="https://www.rapid7.com/blog/post/2025/02/13/cve-2025-1094-postgresql-psql-sql-injection-fixed/">CVE-2025-1094: PostgreSQL psql SQL injection (FIXED) | Rapid7 Blog</a></h5><div></div></header><div></div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Caitlin Condon (catc0n@infosec.exchange)'s status on Friday, 14-Feb-2025 00:33:46 JSTCaitlin Condon
- Stephen Fewer
New #Rapid7 vuln disclosure c/o
@stephenfewer: CVE-2025-1094 is a SQL injection flaw in PostgreSQL's psql interactive tool that was discovered while analyzing BeyondTrust RS CVE-2024-12356. The bug is interesting — 🧵on its relation to BeyondTrust exploitation https://www.rapid7.com/blog/post/2025/02/13/cve-2025-1094-postgresql-psql-sql-injection-fixed/
In conversationabout 2 months ago from infosec.exchangepermalink
Attachments
1. Domain not in remote thumbnail source whitelist: blog.rapid7.com
  CVE-2025-1094: PostgreSQL psql SQL injection (FIXED) | Rapid7 Blog

Public

Embed Notice

HTML Code

Corresponding Notice