Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

Readymade Real Estate Script SQL Injection / Cross Site Scripting

Readymade Real Estate Script suffers from remote blind SQL injection and cross site scripting vulnerabilities.

Packet Storm
#sql#xss#vulnerability#php#auth
AMPLE BILLS 1.0 Cross Site Scripting

AMPLE BILLS version 1.0 suffers from a cross site scripting vulnerability.

Dangerous XSS Bugs in RedCAP Threaten Academic & Scientific Research

The security vulnerabilities, CVE-2024-37394, CVE-2024-37395, and CVE-2024-37396, could lay open proprietary and sensitive research to data thieves.

GHSA-p9f2-jg9w-cx69: Aim Stored Cross-site Scripting Vulnerability

A stored cross-site scripting (XSS) vulnerability exists in aimhubio/aim version 3.19.3. The vulnerability arises from the improper neutralization of input during web page generation, specifically in the logs-tab for runs. The terminal output logs are displayed using the `dangerouslySetInnerHTML` function in React, which is susceptible to XSS attacks. An attacker can exploit this vulnerability by injecting malicious scripts into the logs, which will be executed when a user views the logs-tab.

GHSA-cf56-g6w6-pqq2: Twisted vulnerable to HTML injection in HTTP redirect body

### Summary The `twisted.web.util.redirectTo` function contains an HTML injection vulnerability. If application code allows an attacker to control the redirect URL this vulnerability may result in Reflected Cross-Site Scripting (XSS) in the redirect response HTML body. ### Details Twisted’s `redirectTo` function generates an `HTTP 302 Redirect` response. The response contains an HTML body, built for exceptional cases where the browser doesn’t properly handle the redirect, allowing the user to click a link, navigating them to the specified destination. The function reflects the destination URL in the HTML body without any output encoding. ```python # https://github.com/twisted/twisted/blob/trunk/src/twisted/web/_template_util.py#L88 def redirectTo(URL: bytes, request: IRequest) -> bytes: # ---snip--- content = b""" <html> <head> <meta http-equiv=\"refresh\" content=\"0;URL=%(url)s\"> </head> <body bgcolor=\"#FFFFFF\" text=\"#000000\"> <a href=\"%(url)...