Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-46084: There is a stored xss vulnerability exists in uscat. · Issue #2 · chenniqing/uscat

uscat, as of 2021-12-28, is vulnerable to Cross Site Scripting (XSS) via “close registration information” input box.

CVE
#xss#vulnerability#web#windows#apple#google#js#git#java

[Suggested description]
Cross SIte Scripting (XSS) vulnerability exists in uscat. via
a Google search in url:http://localhost:9105/admin/basic.action ,then enter the registration setting page in the background of the system, and enter the malicious XSS code in the “close registration information” input box. The malicious code will be executed at URL: http://localhost:9105/forum/user_info/register.action , any user who enters this URL will be affected.

[Vulnerability Type]
Cross Site Scripting (XSS)

[Vendor of Product]
https://github.com/chenniqing/uscat

[Affected Product Code Base]
*

[Affected Component]
POST /register_setting/save.json HTTP/1.1
Host: localhost:9105
Content-Length: 89
sec-ch-ua: " Not A;Brand";v="99", “Chromium";v="92”
Accept: application/json, text/javascript, /; q=0.01
X-Requested-With: XMLHttpRequest
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: http://localhost:9105
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://localhost:9105/register_setting/edit.action
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9,en;q=0.8
Cookie: JSESSIONID=955307B507B1FD2D9AE8E69C6EABFB75; navUrl=http://localhost:9105/admin/basic.action
Connection: close

isAllowRegister=1&closeRegisterMessage= your xss payload

[Attack Type]
Remote

[Impact Code execution]
true
image-20211229111503824
XSS payload will be executed on the registration page at the front of the website. Any user who opens the registration page(url:http://localhost:9105/forum/user_info/register.action) will be affected
image-20211229111731199

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907