Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-46083: There is a stored xss vulnerability exists in uscat. · Issue #1 · chenniqing/uscat

uscat, as of 2021-12-28, is vulnerable to Cross Site Scripting (XSS) via the input box of the statistical code.

CVE
#xss#vulnerability#web#windows#apple#google#js#git#java

[Suggested description]
Cross SIte Scripting (XSS) vulnerability exists in uscat. via
a Google search in url:http://localhost:9105/admin/basic.action and enter the site information setting page and enter the malicious XSS code in the input box of the statistical code. This code will be executed in the system foreground

[Vulnerability Type]
Cross Site Scripting (XSS)

[Vendor of Product]
https://github.com/chenniqing/uscat

[Affected Product Code Base]
*

[Affected Component]
POST /web_info/save.json HTTP/1.1
Host: localhost:9105
Content-Length: 213
sec-ch-ua: " Not A;Brand";v="99", “Chromium";v="92”
Accept: application/json, text/javascript, /; q=0.01
X-Requested-With: XMLHttpRequest
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: http://localhost:9105
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://localhost:9105/web_info/edit.action
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9,en;q=0.8
Cookie: JSESSIONID=955307B507B1FD2D9AE8E69C6EABFB75; navUrl=http://localhost:9105/admin/basic.action
Connection: close

name=Javaex%E8%AE%BA%E5%9D%9B&domain=http%3A%2F%2Fwww.javaex.cn%2F&email=291026192%40qq.com&recordNumber=%E8%8B%8FICP%E5%A4%8718008530%E5%8F%B7&license=1&statisticalCode= your xss payload

[Attack Type]
Remote

[Impact Code execution]
true
image

The input sensitive parameters are not filtered, resulting in malicious code at URL: http://localhost:9105/ After being parsed and executed, all users accessing this URL will be affected.
image-20211229103754311

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907