#php

### Summary The `HtmlGenerator` class is subject to potential cross-site scripting (XSS) attack through a parsed malformed Minecraft server MOTD. ### Context Minecraft server owners can set a so-called MOTD (Message of the Day) for their server that appears next to the server icon and below the server name on the multiplayer server list of a player's Minecraft client. The Minecraft server sends the MOTD in the `description` property of the [Status Response](https://wiki.vg/Server_List_Ping#Status_Response) packet. The [jgniecki/MinecraftMotdParser](https://github.com/jgniecki/MinecraftMotdParser) PHP library is able to parse the value of the `description` property, which can be either a string or an array of text components. By utilizing the aforementioned `HtmlGenerator` class, it is also able to transform the value into an HTML string that can be used to visualize the MOTD on a web page. ### Details The `HtmlGenerator` iterates through objects of `MotdItem` that are contained in an...

Computer Laboratory Management System 2024 version 1.0 suffers from a cross site scripting vulnerability.

Acronis Cyber Infrastructure version 5.0.1-61 suffers from a cross site request forgery vulnerability.

Vehicle Service Management System version 1.0 suffers from a WYSIWYG code injection vulnerability.

Vehicle Service Management System version 1.0 suffers from a PHP code injection vulnerability.

Transport Management System version 1.0 suffers from an arbitrary file upload vulnerability.

Transport Management System version 1.0 suffers from a PHP code injection vulnerability.

ManageEngine ADManager version 7183 suffers from a password hash disclosure vulnerability.

The building management system suffers from an authenticated arbitrary file disclosure vulnerability. Input passed through the 'file' GET parameter through the 'downloadDb.php' script is not properly verified before being used to download database files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks.

### Impact This vulnerability allows an attacker to inject arbitrary HTML/JavaScript code through the media download URL in Sulu CMS. It affects the SuluMediaBundle component. The vulnerability is a Reflected Cross-Site Scripting (XSS) issue, which could potentially allow attackers to steal sensitive information, manipulate the website's content, or perform actions on behalf of the victim. ### Patches The problem has not been patched yet. Users should upgrade to patched versions once they become available. Currently affected versions are: * 2.6.4 * 2.5.20 ### Workarounds Until an official patch is released, users can implement additional input validation and output encoding for the 'slug' parameter in the MediaStreamController's downloadAction method. Alternatively, configuring a Web Application Firewall (WAF) to filter potentially malicious input could serve as a temporary mitigation. ### References * GitHub repository: https://github.com/sulu/sulu * Vulnerable code: https://g...