CVE-2022-1682: We check the url parameter of the link to ensure that it is a valid c… · NeoRazorX/facturascripts@8e31d84

Reflected XSS using a url-based payload in the GitHub repository neorazorx/facturascripts prior to 2022.07. The XSS can be used to steal the user's cookies, which leads to account takeover, or to perform any other malicious activity in the victim's browser.

@@ -24,6 +24,7 @@

use FacturaScripts\Core\Base\DataBase\DataBaseWhere;

use FacturaScripts\Core\Lib\Widget\VisualItemLoadEngine;

use FacturaScripts\Dinamic\Model\CodeModel;

use FacturaScripts\Dinamic\Model\Page;

use FacturaScripts\Dinamic\Model\PageOption;

use FacturaScripts\Dinamic\Model\User;

use Symfony\Component\HttpFoundation\Response;

@@ -121,7 +122,7 @@ public function privateCore(&$response, $user, $permissions)

parent::privateCore($response, $user, $permissions);

$this->model = new PageOption();

$this->loadSelectedViewName();

$this->backPage = $this->request->get(‘url’) ?: $this->selectedViewName;

$this->setBackPage();

$this->selectedUser = $this->user->admin ? $this->request->get(‘nick’) : $this->user->nick;

$this->loadPageOptions();
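Review bot: The new `$this->setBackPage();` call reads the `url` parameter from the request and assigns `$this->backPage` internally, which hides the data dependency that the replaced assignment made explicit and means the allow-list cannot be exercised without a full `Request` object. A private resolver that takes the raw value and returns the chosen page, e.g. `$this->backPage = $this->resolveBackPage($this->request->get('url', ''));`, would keep `privateCore` readable and make the check unit-testable. `privateCore` begins before this hunk and continues after it.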

@@ -275,6 +276,22 @@ private function loadPageOptionsForUser(): bool

return true;

}

private function setBackPage()

{

// check if the url is a real controller name

$url = $this->request->get('url’, ‘’);

$pageModel = new Page();

foreach ($pageModel->all([], [], 0, 0) as $page) {

if (substr($url, 0, strlen($page->name)) === $page->name) {

$this->backPage = $url;

return;

}

}

// set the default back page

$this->backPage = $this->selectedViewName;

}

/**

* @param array $column

* @param string $name
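Review bot: The allow-list in the `if` line is a prefix test, so once `$url` begins with any known controller name the remainder of the string — a query string or any other trailing characters — is accepted and stored in `$this->backPage` unchanged, and a `Page` whose `name` is empty would make the test true for every input. Comparing the controller segment exactly and constraining what may follow it (rewritten below) closes that gap, while wherever `backPage` is rendered, outside this hunk, it still needs context-appropriate escaping rather than relying on this check alone. Depending on the Symfony version, `$this->request->get('url', '')` can also return a non-string for array-style parameters, which would make `substr()` fail, hence the `is_string()` guard. The loop still loads every `Page` row on each request; a `DataBaseWhere('name', …)` filter — the class is already imported in the first hunk — would avoid that if the model supports it.

```php
private function setBackPage()
{
    // Accept only "<ControllerName>" or "<ControllerName>?<query>" where the
    // controller name matches a known page exactly and the query is limited
    // to a conservative character set; anything else falls back to the default.
    $url = $this->request->get('url', '');
    if (is_string($url) && preg_match('/^([A-Za-z0-9_]+)(\?[A-Za-z0-9_=&%.\-]*)?$/', $url, $matches) === 1) {
        $pageModel = new Page();
        foreach ($pageModel->all([], [], 0, 0) as $page) {
            if ($page->name === $matches[1]) {
                $this->backPage = $url;
                return;
            }
        }
    }

    // … unchanged: default back page assignment …
}
```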
