

CVE-2021-37504

A cross-site scripting (XSS) vulnerability in jQuery-Upload-File v4.0.11: the name of a selected file is rendered into the widget's status bar as HTML, next to the configured fileNameStr label, without escaping, so a crafted file name carrying HTML or a JavaScript payload is executed in the browser displaying the widget. The fix is to escape the file name, or insert it with jQuery's .text() rather than by HTML string concatenation, before it is displayed. The file-name sink itself is not part of the code excerpt below; the excerpt does show the same unescaped-append pattern for server-supplied error messages.


").appendTo(this.statusbar).hide(); this.progressbar = $("

").appendTo(this.progressDiv); this.abort = $("

" + s.abortStr + "

").appendTo(this.statusbar).hide(); this.cancel = $("

" + s.cancelStr + "

").appendTo(this.statusbar).hide(); this.done = $("

" + s.doneStr + "

").appendTo(this.statusbar).hide(); this.download = $("

" + s.downloadStr + "

").appendTo(this.statusbar).hide(); this.del = $("

" + s.deleteStr + "

").appendTo(this.statusbar).hide(); this.abort.addClass(“ajax-file-upload-red”); this.done.addClass(“ajax-file-upload-green”); this.download.addClass(“ajax-file-upload-green”); this.cancel.addClass(“ajax-file-upload-red”); this.del.addClass(“ajax-file-upload-red”); return this; }
/**
 * Builds the per-file status bar for one upload.
 * Uses s.customProgressBar when configured, otherwise defaultProgressBar;
 * tags the abort/cancel buttons with obj.formGroup and the configured button
 * classes, inserts the optional s.extraHTML block after the filename element,
 * and prepends the status bar to obj.container (appends it when
 * s.uploadQueueOrder is 'bottom').
 * NOTE(review): the element markup inside the $("...") calls has been lost in
 * this listing. s.extraHTML is spliced into that markup by string
 * concatenation, so it must come from developer configuration only, never
 * from user- or server-controlled data.
 * @param {Object} obj plugin instance (container, formGroup)
 * @param {Object} s   plugin settings
 * @returns {Object} the progress-bar object (statusbar, filename, abort, cancel, extraHTML, ...)
 */
function createProgressDiv(obj, s) { var bar = null; if(s.customProgressBar) bar = new s.customProgressBar(obj,s); else bar = new defaultProgressBar(obj,s); bar.abort.addClass(obj.formGroup); bar.abort.addClass(s.abortButtonClass); bar.cancel.addClass(obj.formGroup); bar.cancel.addClass(s.cancelButtonClass); /* developer-configured markup, concatenated as-is */ if(s.extraHTML) bar.extraHTML = $("

").insertAfter(bar.filename); if(s.uploadQueueOrder == ‘bottom’) $(obj.container).append(bar.statusbar); else $(obj.container).prepend(bar.statusbar); return bar; }
/**
 * Wires one upload form to form.ajaxForm(options) and, when s.autoSubmit is
 * set, pushes it onto mainQ and calls submitPendingUploads(); otherwise the
 * form waits for an explicit submit and shows a cancel button if s.showCancel.
 * The callbacks in `options` drive the status bar `pd`:
 *  - beforeSubmit: runs s.onSubmit; on false shows s.uploadErrorStr and a
 *    cancel button and returns false (no request). Otherwise merges
 *    s.dynamicFormData() and any input/select/textarea inside pd.extraHTML into
 *    the request (FormData when s.serialize && s.fileData, else plain data).
 *  - beforeSend: copies s.headers onto the XHR, shows the progress bar and,
 *    if s.showAbort, wires the abort button to xhr.abort().
 *  - uploadProgress: caps the bar at 98% until the server answers.
 *  - success/error: finish the bar, invoke s.onSuccess / s.onError, and
 *    optionally render an "ERROR: ..." line in the status bar.
 * SECURITY NOTE(review): in success() the server-supplied
 * data[s.customErrorKeyStr] and in error() the errMsg argument are
 * concatenated into "ERROR: ..." and inserted with statusbar.append(), i.e.
 * as HTML with no escaping. A response body or status text an attacker can
 * influence is therefore rendered as markup. Insert these with .text() (or
 * escape them) instead. The file-name rendering that CVE-2021-37504 describes
 * is not in this excerpt.
 * @param {jQuery} form      hidden form holding the file input(s); removed once the request finishes or is cancelled
 * @param {Object} s         plugin settings
 * @param {Object} pd        progress-bar object from createProgressDiv
 * @param {Array}  fileArray entries for this submission; passed to the callbacks and its length subtracted from obj.selectedFiles on cancel/abort/error
 * @param {Object} obj       plugin instance (selectedFiles, responses, ...)
 * @param {File}   file      the File object, or null; used only for the image preview
 * @returns {Object} this
 */
function ajaxFormSubmit(form, s, pd, fileArray, obj, file) { var currentXHR = null; var options = { cache: false, contentType: false, processData: false, forceSync: false, type: s.method, data: s.formData, formData: s.fileData, dataType: s.returnType, headers: s.headers, beforeSubmit: function (formData, $form, options) { if(s.onSubmit.call(this, fileArray) != false) { if(s.dynamicFormData) { var sData = serializeData(s.dynamicFormData()); if(sData) { for(var j = 0; j < sData.length; j++) { if(sData[j]) { if(s.serialize && s.fileData != undefined) options.formData.append(sData[j][0], sData[j][1]); else options.data[sData[j][0]] = sData[j][1]; } } } } if(s.extraHTML) { $(pd.extraHTML).find(“input,select,textarea”).each(function(i,items) { if(s.serialize && s.fileData != undefined) options.formData.append($(this).attr(‘name’),$(this).val()); else options.data[$(this).attr(‘name’)] = $(this).val(); }); } return true; } /* s.onSubmit vetoed the upload: show the configured error label, no request is sent */ pd.statusbar.append("

" + s.uploadErrorStr + "

"); pd.cancel.show() form.remove(); pd.cancel.click(function () { mainQ.splice(mainQ.indexOf(form), 1); removeExistingFileName(obj, fileArray); pd.statusbar.remove(); s.onCancel.call(obj, fileArray, pd); obj.selectedFiles -= fileArray.length; //reduce selected File count updateFileCounter(s, obj); }); return false; }, beforeSend: function (xhr, o) { /* copy every configured header onto the XHR */ for (var key in o.headers) { xhr.setRequestHeader(key, o.headers[key]); } pd.progressDiv.show(); pd.cancel.hide(); pd.done.hide(); if(s.showAbort) { pd.abort.show(); pd.abort.click(function () { removeExistingFileName(obj, fileArray); xhr.abort(); obj.selectedFiles -= fileArray.length; //reduce selected File count s.onAbort.call(obj, fileArray, pd); }); } if(!feature.formdata) //For iframe based push { pd.progressbar.width(‘5%’); } else pd.progressbar.width(‘1%’); //Fix for small files }, uploadProgress: function (event, position, total, percentComplete) { //Fix for smaller file uploads in MAC if(percentComplete > 98) percentComplete = 98; var percentVal = percentComplete + '%’; if(percentComplete > 1) pd.progressbar.width(percentVal) if(s.showProgress) { pd.progressbar.html(percentVal); pd.progressbar.css('text-align’, ‘center’); } }, success: function (data, message, xhr) { pd.cancel.remove(); progressQ.pop(); //For custom errors. 
if(s.returnType == “json” && $.type(data) == “object” && data.hasOwnProperty(s.customErrorKeyStr)) { pd.abort.hide(); var msg = data[s.customErrorKeyStr]; s.onError.call(this, fileArray, 200, msg, pd); if(s.showStatusAfterError) { pd.progressDiv.hide(); /* SECURITY: msg comes verbatim from the server response and is inserted as HTML, unescaped */ pd.statusbar.append("ERROR: " + msg + “”); } else { pd.statusbar.hide(); pd.statusbar.remove(); } obj.selectedFiles -= fileArray.length; //reduce selected File count form.remove(); return; } obj.responses.push(data); pd.progressbar.width(‘100%’) if(s.showProgress) { pd.progressbar.html(‘100%’); pd.progressbar.css('text-align’, ‘center’); } pd.abort.hide(); s.onSuccess.call(this, fileArray, data, xhr, pd); if(s.showStatusAfterSuccess) { if(s.showDone) { pd.done.show(); pd.done.click(function () { pd.statusbar.hide(“slow”); pd.statusbar.remove(); }); } else { pd.done.hide(); } if(s.showDelete) { pd.del.show(); pd.del.click(function () { removeExistingFileName(obj, fileArray); pd.statusbar.hide().remove(); if(s.deleteCallback) s.deleteCallback.call(this, data, pd); obj.selectedFiles -= fileArray.length; //reduce selected File count updateFileCounter(s, obj); }); } else { pd.del.hide(); } } else { pd.statusbar.hide(“slow”); pd.statusbar.remove(); } if(s.showDownload) { pd.download.show(); pd.download.click(function () { if(s.downloadCallback) s.downloadCallback(data, pd); }); } form.remove(); }, error: function (xhr, status, errMsg) { pd.cancel.remove(); progressQ.pop(); pd.abort.hide(); if(xhr.statusText == “abort”) //we aborted it { pd.statusbar.hide(“slow”).remove(); updateFileCounter(s, obj); } else { s.onError.call(this, fileArray, status, errMsg, pd); if(s.showStatusAfterError) { pd.progressDiv.hide(); /* SECURITY: errMsg is inserted as HTML without escaping */ pd.statusbar.append("ERROR: " + errMsg + “”); } else { pd.statusbar.hide(); pd.statusbar.remove(); } obj.selectedFiles -= fileArray.length; //reduce selected File count } form.remove(); } }; if(s.showPreview && file != null) { if(file.type.toLowerCase().split(“/”).shift() == “image”) getSrcToPreview(file, 
pd.preview); } if(s.autoSubmit) { form.ajaxForm(options); mainQ.push(form); submitPendingUploads(); } else { if(s.showCancel) { pd.cancel.show(); pd.cancel.click(function () { mainQ.splice(mainQ.indexOf(form), 1); removeExistingFileName(obj, fileArray); form.remove(); pd.statusbar.remove(); s.onCancel.call(obj, fileArray, pd); obj.selectedFiles -= fileArray.length; //reduce selected File count updateFileCounter(s, obj); }); } form.ajaxForm(options); } } return this; } }(jQuery));
