Security Headlines

Tag: #vulnerability
GHSA-8266-84wp-wv5c: Svelte has a potential mXSS vulnerability due to improper HTML escaping

### Summary

A potential XSS vulnerability exists in Svelte for versions prior to 4.2.19.

### Details

Svelte improperly escapes HTML on server-side rendering. It converts strings according to the following rules:

- If the string is an attribute value:
  - `"` -> `&quot;`
  - `&` -> `&amp;`
  - Other characters -> No conversion
- Otherwise:
  - `<` -> `&lt;`
  - `&` -> `&amp;`
  - Other characters -> No conversion

The assumption is that attributes will always stay as such, but in some situations the final DOM tree rendered on browsers is different from what Svelte expects on server-side rendering. This may be leveraged to perform XSS attacks. More specifically, this can occur when injecting malicious content into an attribute within a `<noscript>` tag: when scripting is enabled, browsers parse the content of `<noscript>` as raw text rather than markup, so the attribute boundaries Svelte relied on when it chose the attribute escaping rule (which leaves `<` untouched) do not exist in the browser's parse.

### PoC

A vulnerable page (`+page.svelte`):

```html
<script>
  import { page } from "$app/stores"
  // user input
  let href = $page.url.searchParams.get("href") ?? "https://example.com";
</script>
<noscript>
  <a href={href}...
```
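The following is an added illustration, not Svelte's source and not code from the advisory. It reimplements the two escaping rules listed above as plain functions, renders the PoC's `<noscript><a href=...>` markup with a constructed attacker value, and then applies a deliberately minimal model of how a scripting-enabled browser handles `<noscript>` (raw text up to the first `</noscript`, markup afterwards) to show which tags the browser would actually see. The payload, the `renderPage` template and the `escapeAttrHardened` variant (which additionally escapes `<` in attribute values) are assumptions made for the example; the page does not state what change 4.2.19 made.

```javascript
// Escaping rules exactly as the advisory describes them (pre-4.2.19 behaviour).
function escapeAttr(s) {
  return s.replace(/&/g, "&amp;").replace(/"/g, "&quot;");
}
function escapeText(s) {
  return s.replace(/&/g, "&amp;").replace(/</g, "&lt;");
}

// Assumed hardened variant for comparison: also neutralise '<' inside attribute
// values so a value can never introduce a tag boundary, whatever context the
// browser ends up parsing it in.
function escapeAttrHardened(s) {
  return escapeAttr(s).replace(/</g, "&lt;");
}

// Server-side render of the PoC's template, with the attribute escaper injected
// so the vulnerable and hardened outputs can be compared side by side.
function renderPage(href, attrEscaper) {
  return `<noscript><a href="${attrEscaper(href)}">link</a></noscript>`;
}

// Minimal model of a scripting-enabled browser: the content of <noscript> is
// RAWTEXT, so quotes inside an attribute value mean nothing and the element ends
// at the first "</noscript" (case-insensitive). Everything after that closing
// tag is tokenised as ordinary markup. This is a simplification of the HTML
// parser, sufficient for this one element.
function markupAfterNoscript(html) {
  const lower = html.toLowerCase();
  const open = lower.indexOf("<noscript>");
  if (open < 0) return html;
  const bodyStart = open + "<noscript>".length;
  const close = lower.indexOf("</noscript", bodyStart);
  if (close < 0) return "";
  const closeEnd = html.indexOf(">", close);
  return html.slice(closeEnd + 1);
}

// Names of the start tags the browser would create from a piece of markup.
function tagsIn(markup) {
  return Array.from(markup.matchAll(/<([a-zA-Z][a-zA-Z0-9]*)/g), (m) => m[1].toLowerCase());
}

// Constructed attacker-controlled ?href= value (an assumption for this example,
// not a payload quoted from the advisory). It avoids '"' so the attribute
// escaper has nothing it considers dangerous to rewrite.
const PAYLOAD = "</noscript><img src=x onerror=alert(1)>";

// Render with the given escaper and report which tags escape the <noscript>.
function tagsSeenByBrowser(attrEscaper) {
  return tagsIn(markupAfterNoscript(renderPage(PAYLOAD, attrEscaper)));
}

console.log("vulnerable:", tagsSeenByBrowser(escapeAttr));
console.log("hardened:  ", tagsSeenByBrowser(escapeAttrHardened));
```

With the advisory's attribute rule the `</noscript>` inside the `href` value survives untouched, closes the element in the browser's raw-text parse, and the trailing `<img ...>` becomes a live element; with the hardened escaper every `<` in the value is `&lt;` and nothing leaks out of the `<noscript>`. The same check is worth running against any server-side renderer that chooses its escaping rule by syntactic context rather than by the worst case the browser can reparse it into.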

Cacti Arbitrary File Write / Remote Code Execution

Cacti versions prior to 1.2.27 suffer from an arbitrary file write vulnerability that allows for remote code execution.

Water Billing Management System 1.0 Cross Site Request Forgery / File Upload

Water Billing Management System version 1.0 suffers from a cross site request forgery that enables an arbitrary file upload.

Red Hat Security Advisory 2024-6054-03

Red Hat Security Advisory 2024-6054-03 - Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes security and bug fixes. Issues addressed include deserialization and memory exhaustion vulnerabilities.

Webpay E-Commerce 1.0 Directory Traversal

Webpay E-Commerce version 1.0 suffers from a directory traversal vulnerability.

Red Hat Security Advisory 2024-6044-03

Red Hat Security Advisory 2024-6044-03 - Red Hat Advanced Cluster Management for Kubernetes 2.11.2 General Availability release images, which fix bugs and update container images. Issues addressed include a denial of service vulnerability.

WordPress GetYourGuide Ticketing 1.0.6 Cross Site Scripting

WordPress GetYourGuide Ticketing plugin version 1.0.6 suffers from a cross site scripting vulnerability.

WordPress SeatReg 1.54.0 Open Redirection

WordPress SeatReg plugin version 1.54.0 suffers from an open redirection vulnerability.

WordPress WP Event Manager 3.1.44 Cross Site Scripting

WordPress WP Event Manager plugin version 3.1.44 suffers from a cross site scripting vulnerability.