Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

CVE-2023-29528: SXSS via source in text area

XWiki Commons are technical libraries common to several other top level XWiki projects. The "restricted" mode of the HTML cleaner in XWiki, introduced in version 4.2-milestone-1 and massively improved in version 14.6-rc-1, allowed the injection of arbitrary HTML code and thus cross-site scripting via invalid HTML comments. As a consequence, any code relying on this "restricted" mode for security is vulnerable to JavaScript injection ("cross-site scripting"/XSS). When a privileged user with programming rights visits such a comment in XWiki, the malicious JavaScript code is executed in the context of the user session. This allows server-side code execution with programming rights, impacting the confidentiality, integrity and availability of the XWiki instance. This problem has been patched in XWiki 14.10, HTML comments are now removed in restricted mode and a check has been introduced that ensures that comments don't start with `>`. There are no known workarounds apart from upgrading to ...

CVE
#xss#js#java#auth
CVE-2023-23938: XSS through the name of a color of select box values

Tuleap is a Free & Source tool for end to end traceability of application and system developments. Affected versions are subject to a cross site scripting attack which can be injected in the name of a color of select box values of a tracker and then reflected in the tracker administration. Administrative privilege is required, but an attacker with tracker administration rights could use this vulnerability to force a victim to execute uncontrolled code in the context of their browser. This issue has been addressed in Tuleap Community Edition version 14.5.99.4. Users are advised to upgrade. There are no known workarounds for this issue.

WordPress PowerPress 10.0 Cross Site Scripting

WordPress PowerPress plugin versions 10.0 and below suffer from a persistent cross site scripting vulnerability.

Piwigo 13.6.0 Cross Site Scripting

Piwigo version 13.6.0 suffers from a persistent cross site scripting vulnerability.

CVE-2023-22309: Reflected Cross Site Scripting (XSS)

Reflective Cross-Site-Scripting in Webconf in Tribe29 Checkmk Appliance before 1.6.4.

CVE-2023-1767: CVE-2023-1767 - Stored XSS on Snyk Advisor service can allow full fabrication of npm packages health score

The Snyk Advisor website (https://snyk.io/advisor/) was vulnerable to a stored XSS prior to 28th March 2023. A feature of Snyk Advisor is to display the contents of a scanned package's Readme on its package health page. An attacker could create a package in NPM with an associated markdown README file containing XSS-able HTML tags. Upon Snyk Advisor importing the package, the XSS would run each time an end user browsed to the package's page on Snyk Advisor.

GHSA-4xr4-89m5-46c7: eslint-detailed-reporter vulnerable to cross-site scripting

A vulnerability was found in mportuga eslint-detailed-reporter up to 0.9.0 and classified as problematic. Affected by this issue is the function renderIssue in the library lib/template-generator.js. The manipulation of the argument message leads to cross site scripting. The attack may be launched remotely. The name of the patch is 505c190efd4905990db6207863bdcbd9b1d7e1bd. It is recommended to apply a patch to fix this issue. VDB-226310 is the identifier assigned to this vulnerability.

CVE-2022-4942

A vulnerability was found in mportuga eslint-detailed-reporter up to 0.9.0 and classified as problematic. Affected by this issue is the function renderIssue in the library lib/template-generator.js. The manipulation of the argument message leads to cross site scripting. The attack may be launched remotely. The name of the patch is 505c190efd4905990db6207863bdcbd9b1d7e1bd. It is recommended to apply a patch to fix this issue. VDB-226310 is the identifier assigned to this vulnerability.

GHSA-q55c-hmpf-6h2g: AzuraCast/AzuraCast vulnerable to cross-site scripting

AzuraCast/AzuraCast prior to version 0.18.0 is vulnerable to stored cross-site scripting. An issue was identified where a user who already had an AzuraCast account could update their display name to inject malicious JavaScript into the header menu of the site. In a majority of cases, this menu is only visible to the current logged-in user (pages like the `Administer Users` page are unaffected by this vulnerability), but if a higher-privileged administrator uses the `Log In As` feature to masquerade as a user, then the JavaScript injection could exfiltrate certain data. Anonymous members of the public cannot exploit this vulnerability in an AzuraCast installation, so it is primarily of concern for multi-tenant installations (i.e. resellers).