#xss

### Impact Multiple forms in version <0.0.21 allowed injection of HTML elements. These are returned to the user after executing job actions and thus evaluated by the browser. ### Patches We recommend to upgrade to version >= [0.0.21](https://github.com/ansibleguy/webui/releases/tag/0.0.21) ### References * [Report](https://github.com/ansibleguy/webui/files/15358522/Report.pdf) * [GitHub Issue 44](https://github.com/ansibleguy/webui/issues/44)

### Impact Stored Cross-site scripting (XSS) enable attackers to inject malicious code into Print Functionality ### Patches 12.1.4, 10.0.5 ### References https://docs.umbraco.com/umbraco-commerce/release-notes#id-13.0.0-december-13th-2023

### Background SimpleSAMLphp uses metadata to determine how to interact with other SAML entities. This metadata includes what’s called endpoints, which are URLs belonging to that entity where SAML messages can be sent. These URLs are used directly by SimpleSAMLphp when a message is sent, either via an HTTP redirection or by automatically posting a form to them. ### Description When sending a SAML message to another entity, SimpleSAMLphp will use the URL of the appropriate endpoint to redirect the user’s browser to it, or craft a form that will be automatically posted to it, depending on the SAML binding used. The URL that’s target of the message is fetched from the stored metadata for the given entity, and that metadata is trusted as correct. However, if that metadata has been altered by a malicious party (either an attacker or a rogue administrator) to substitute the URLs of the endpoints with javascript code, SimpleSAMLphp was blindly using them without any validation, trusting the...

### Impact Authenticated user that has access to edit Forms may inject unsafe code into Forms components. ### Patches Issue can be mitigated by configuring TitleAndDescription:AllowUnsafeHtmlRendering after upgrading to patched versions (13.0.1, 12.2.2, 10.5.3, 8.13.13). ### References https://docs.umbraco.com/umbraco-forms/release-notes#id-13.0.1-january-16th-2024 https://docs.umbraco.com/umbraco-forms/v/12.forms.latest/release-notes#id-12.2.2-january-16th-2024 https://docs.umbraco.com/umbraco-forms/v/10.forms.latest/release-notes https://docs.umbraco.com/umbraco-forms/developer/configuration#editing-configuration-values

### Impact Users with access to the administration panel with page editing permissions could insert `<script>` tags in markdown fields, which are exposed on the publicly accessible site pages, leading to potential XSS injections. ### Patches - [**Formwork 1.13.0**](https://github.com/getformwork/formwork/releases/tag/1.13.0) has been released with a patch that solves this vulnerability. Now the system config option `content.safe_mode` (enabled by default) controls whether HTML tags and potentially dangerous links are escaped. This is configurable as in some cases more flexibility should be given. Panel users should be only a controlled group of editors, which cannot enable the option by themselves, and not a generic group. This mitigates the chance of introducing vulnerabilities. - [**Formwork 2.x** (6adc302)](https://github.com/getformwork/formwork/commit/6adc302f5a294f2ffbbf1571dd4ffea6b7876723) adds a similar `content.safeMode` system option. Like Formwork 1.13.0, by default HTML ...

HAWKI version 1.0.0-beta.1 before commit 146967f suffers from cross site scripting, arbitrary file overwrite, and session fixation vulnerabilities.

Ubuntu Security Notice 6788-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Police are using subtle psychological operations against ransomware gangs to sow distrust in their ranks—and trick them into emerging from the shadows.

Authenticated user with page edit permission can craft HTML, which when rendered in a page history comparison can execute client scripts.

RedirectorPage will allow users to specify a non-url malicious script as the redirection path without validation. Users which follow this url may allow this script to execute within their browser.