A vulnerability has been found in Atahualpa Theme and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to basic cross site scripting. The attack can be launched remotely.

Nmap Announce Nmap Dev Full Disclosure Security Lists Internet Issues Open Source Dev

**Full Disclosure mailing list archives**

_From_: Summer of Pwnage <lists () securify nl>  
_Date_: Wed, 1 Mar 2017 07:08:41 +0100  

\------------------------------------------------------------------------
Cross-Site Scripting in Atahualpa WordPress Theme
------------------------------------------------------------------------
Spyros Gasteratos, July 2016

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
A number of Cross-Site Scripting vulnerabilities were found in the
Atahualpa WordPress Theme. This issue allows an attacker to perform a
wide variety of actions, such as stealing Administrators' session
tokens, or performing arbitrary actions on their behalf. In order to
exploit this issue, the attacker has to use the CSRF vulnerability
described in SFY20160759 to trick the admin into storing malicious
input.

------------------------------------------------------------------------
OVE ID
------------------------------------------------------------------------
OVE-20160724-0004

------------------------------------------------------------------------
Tested versions
------------------------------------------------------------------------
This issue was successfully tested on Atahualpa WordPress Theme
WordPress Theme.

------------------------------------------------------------------------
Fix
------------------------------------------------------------------------
There is currently no fix available.

------------------------------------------------------------------------
Details
------------------------------------------------------------------------
https://sumofpwn.nl/advisory/2016/cross\_site\_scripting\_in\_atahualpa\_wordpress\_theme.html

------------------------------------------------------------------------
Summer of Pwnage (https://sumofpwn.nl) is a Dutch community project. Its
goal is to contribute to the security of popular, widely used OSS
projects in a fun and educational way.

\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

**Current thread:**

*   **Cross-Site Scripting in Atahualpa WordPress Theme** _Summer of Pwnage (Feb 28)_

CVE-2017-20085: Cross-Site Scripting in Atahualpa WordPress Theme

Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.18.

**Cross-site Scripting in Microweber**

Moderate severity GitHub Reviewed Published Jun 23, 2022 • Updated Jun 24, 2022

GHSA-3x96-m42v-hvh5: Cross-site Scripting in Microweber

In openlibrary versions deploy-2016-07-0 through deploy-2021-12-22 are vulnerable to Stored XSS.


**Mend Vulnerability Database**

Mend Vulnerability Lab is where you can find the information that you need about open source security vulnerabilities, aggregated by Mend’s comprehensive open source vulnerabilities database from hundreds of both popular and under-the-radar community resources.

The Mend open source vulnerabilities database covers over 200 programming languages and over 3 million open source components. It aggregates information from a variety of sources including the NVD, security advisories, and open source project issue trackers, multiple times a day.

We’re here to help you find and fix open source security vulnerabilities, and provide you with all of the data that you need in order to address open source vulnerabilities, including:

*   Programming language
*   CWE type
*   CVSS Severity scores, including CVSS v2.0 and v3.x
*   Exposure level (how many organizations have been impacted)
*   Verified suggested fixes
*   The low-down from the community
*   Additional info to help make informed remediation decisions

CVE-2022-32159: Open Source Vulnerability Database | Mend

In openlibrary versions deploy-2016-07-0 through deploy-2021-12-22 are vulnerable to Reflected XSS. 

CVE-2022-23081: Open Source Vulnerability Database | Mend

### Impact
Authenticated Stored XSS in Administration

### Patches
We recommend updating to version 5.7.12. You can get the update to 5.7.12 regularly via the Auto-Updater or directly via the download overview.
https://www.shopware.com/de/changelog-sw5/#5-7-12

For older versions you can use the Security Plugin:
https://store.shopware.com/en/swag575294366635f/shopware-security-plugin.html


### References
https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2022

**Authenticated Stored Cross-site Scripting in Shopware**

Moderate severity GitHub Reviewed Published Jun 22, 2022 in shopware/shopware

GHSA-q754-vwc4-p6qj: Authenticated Stored Cross-site Scripting in Shopware

WordPress Download Manager plugin versions 3.2.43 and below suffer from a cross site scripting vulnerability.

Change Mirror Download

    Exploit Title: Download Manager Cross-Site ScriptingDate: 2022-06-16Exploit Author :  Andrea BocchettiVendor Homepage : https://wordpress.org/plugins/download-manager/Version :  <= 3.2.43Tested on: windowsCVE :  CVE-2022-2101######## Description ######### 1-) Login in the plugin page# 2-) add the xss payload in the field "Insert URL"# 3-) Click on the link , the JS code will be interpreted.

WordPress Download Manager 3.2.43 Cross Site Scripting

Zoo Management System version 1.0 suffers from a cross site scripting vulnerability.

    # Exploit Title: Zoo Management System 1.0 - Reflected Cross-Site-Scripting (XSS)# Date: 06/22/2022# Exploit Author: Angelo Pio Amirante# Vendor Homepage: https://www.sourcecodester.com/# Software Link: https://www.sourcecodester.com/php/15344/zoo-management-system-phpoop-free-source-code.html# Version: 1.0# Tested on: Server: XAMPP on Windows 10 # CVE: CVE-2022-31897# Description:Zoo Management System 1.0 is vulnerable to reflected cross-site scripting on the sign-up page. The "msg" parameter in 'http://localhost/public_html/register_visitor?msg=' is vulnerable.# Impact:An attacker could steal cookies with a crafted URL sent to the victims.# Exploit:Visit the following page: 1) http://localhost/public_html/register_visitor?msg=<script>alert(window.navigator.userAgent)</script>2) Alert pop up is fired!# Image poc:https://ibb.co/8XKDgJX -> Registration pagehttps://ibb.co/mTTmTmy -> XSS

Zoo Management System 1.0 Cross Site Scripting

Red Hat Security Advisory 2022-5152-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a cross site scripting vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: Red Hat OpenShift GitOps security update  
Advisory ID:       RHSA-2022:5152-01  
Product:           Red Hat OpenShift GitOps  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:5152  
Issue date:        2022-06-22  
CVE Names:         CVE-2018-25032 CVE-2022-1271 CVE-2022-31016  
                   CVE-2022-31034 CVE-2022-31035 CVE-2022-31036  
====================================================================  
1. Summary:

An update is now available for Red Hat OpenShift GitOps 1.5.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Description:

Red Hat Openshift GitOps is a declarative way to implement continuous  
deployment for cloud native applications.

Security Fix(es):

* argocd: vulnerable to a variety of attacks when an SSO login is initiated  
from the Argo CD CLI or the UI. (CVE-2022-31034)

* argocd: cross-site scripting (XSS) allows a malicious user to inject a  
javascript link in the UI (CVE-2022-31035)

* argocd: vulnerable to an uncontrolled memory consumption bug  
(CVE-2022-31016)

* argocd: vulnerable to a symlink following bug allowing a malicious user  
with repository write access (CVE-2022-31036)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information refer to the CVE  
page(s) listed in the References section.

3. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

4. Bugs fixed (https://bugzilla.redhat.com/):

2096278 - CVE-2022-31035 argocd: cross-site scripting (XSS) allow a malicious user to inject a javascript link in the UI  
2096282 - CVE-2022-31034 argocd: vulnerable to a variety of attacks when an SSO login is initiated from the Argo CD CLI or the UI.  
2096283 - CVE-2022-31016 argocd: vulnerable to an uncontrolled memory consumption bug  
2096291 - CVE-2022-31036 argocd: vulnerable to a symlink following bug allowing a malicious user with repository write access

5. References:

https://access.redhat.com/security/cve/CVE-2018-25032  
https://access.redhat.com/security/cve/CVE-2022-1271  
https://access.redhat.com/security/cve/CVE-2022-31016  
https://access.redhat.com/security/cve/CVE-2022-31034  
https://access.redhat.com/security/cve/CVE-2022-31035  
https://access.redhat.com/security/cve/CVE-2022-31036  
https://access.redhat.com/security/updates/classification/#important

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYrLob9zjgjWX9erEAQhsxw/9EbM8BdLUASvR5jVTtZeDXjOavkH9ob65  
/W+vtrpycWaOGKLm0sVZDnH9Y/iNy5io1vbTp3qseFXzCJVSnOrBmPc21VLHpCnJ  
mZ/apMKfS4HONdDqEOlwxFXPyZfp4M8ms7XdEKxEyabBdL5deL/ZhOzg1nbUWXwy  
JdDrll9oGk9HsUFqaVyM7+tOsT+a0g7SliFoXFDDF684W3JI6uL3y6ejKEEiBXOd  
649AoBnIaGyNT37BK/JaItpJj3EhmhavBs5OILDdrIzvBsjIBtVfyPNMfRjrzCEB  
qAa9CRfUT3daBK9bdx3P5X8MDXGlXEUKOOJGTwlCSk6d/mshET9AWKaJNyOdRxHJ  
U1MPlspWjb+ADXqCNB3zaQgmOaPj4lYsT9dT738JHtW+VIUAGs+KVsslizIAV9uF  
KZkJIrPqL5g9hQN4lt2uB3iLC0e1prSSZsXZLXCLFcxXObLUYV83ChFBJxaEGmMl  
VeFmgasL0LkhbH/9O4taHdwRRqMCOTshQE4N8jfqyo2jA2clPAua0vE840qSNz03  
2aEi/5J7oGV/z1wuZtklTTJGBVs2qGkhdYvqAF2wKkXPEhaoWyqhUn1dqnjGIrk+  
JJ43POziAdewPlIKN4OBkPgfTjfGWW5wy/RkMnTLtamObkF5AANQF7a8D4TcCdod  
UfPGO4T/krI=jReJ  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-5152-01

In habitica versions v4.119.0 through v4.232.2 are vulnerable to DOM XSS via the login page.

Permalink

Browse files

fix(login): catch double-slash exploit

*   Loading branch information

SabreCat committed

May 20, 2022

1 parent 980e358 commit 5bcfdbe066e8c899f3ecf3fdcdbacc2ecba7f02f

Showing **1 changed file** with **2 additions** and **2 deletions**.

@@ -757,8 +757,8 @@ export default {

}, 500),

sanitizeRedirect (redirect) {

if (!redirect) return '/';

let sanitizedString \= DOMPurify.sanitize(redirect);

if (sanitizedString.slice(0, 1) !== '/') sanitizedString \= \`/${sanitizedString}\`;

let sanitizedString \= DOMPurify.sanitize(redirect).replace(/\\\\|\\/\\/|\\./g, '');

sanitizedString \= \`/${sanitizedString}\`;

return sanitizedString;

},

async register () {

**0 comments on commit 5bcfdbe**

Please sign in to comment.

Tag

#xss