Tag
#xss
A vulnerability has been found in Atahualpa Theme and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to basic cross site scripting. The attack can be launched remotely.
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.18.
In openlibrary versions deploy-2016-07-0 through deploy-2021-12-22 are vulnerable to Stored XSS.
In openlibrary versions deploy-2016-07-0 through deploy-2021-12-22 are vulnerable to Reflected XSS.
### Impact Authenticated Stored XSS in Administration ### Patches We recommend updating to version 5.7.12. You can get the update to 5.7.12 regularly via the Auto-Updater or directly via the download overview. https://www.shopware.com/de/changelog-sw5/#5-7-12 For older versions you can use the Security Plugin: https://store.shopware.com/en/swag575294366635f/shopware-security-plugin.html ### References https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2022
WordPress Download Manager plugin versions 3.2.43 and below suffer from a cross site scripting vulnerability.
Zoo Management System version 1.0 suffers from a cross site scripting vulnerability.
Red Hat Security Advisory 2022-5152-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a cross site scripting vulnerability.
In habitica versions v4.119.0 through v4.232.2 are vulnerable to DOM XSS via the login page.
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.18.