Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

GHSA-q874-g24w-4q9g: Token bruteforcing

Affects: Notebook and Lab between 6.4.0?(potentially earlier) and 6.4.11 (currently latest). Jupyter Server <=1.16.0. If I am correct about the responsible code it will affect Jupyter-Server 1.17.0 and 2.0.0a0 as well. Description: If notebook server is started with a value of `root_dir` that contains the starting user's home directory, then the underlying REST API can be used to leak the access token assigned at start time by guessing/brute forcing the PID of the jupyter server. While this requires an authenticated user session, this url can be used from an xss payload (as in CVE-2021-32798) or from a hooked or otherwise compromised browser to leak this access token to a malicious third party. This token can be used along with the REST API to interact with Jupyter services/notebooks such as modifying or overwriting critical files, such as .bashrc or .ssh/authorized_keys, allowing a malicious user to read potentially sensitive data and possibly gain control of the impacted system.

ghsa
Open in Source
#xss#auth#ssh
CVE-2022-31299: GitHub - bigzooooz/CVE-2022-31299: Haraj Script 3.7 - Reflected XSS

Haraj v3.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the User Upgrade Form.

CVE-2021-36609: webTareas / Tickets / #43 Cross Site Script Vulnerability on "Projects" in webtareas feature v2.2p1

Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 via the Name field to /linkedcontent/editfolder.php.

CVE-2021-36608: webTareas / Tickets / #44 Cross Site Script Vulnerability on "Documents" in webtareas feature v2.2p1

Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 via the Name field to /projects/editproject.php.

CVE-2021-33295: All: Security: Filter out NOSCRIPT tags that could be used to cause a… · laurent22/joplin@9c20d59

Cross Site Scripting (XSS) vulnerability in Joplin Desktop App before 1.8.5 allows attackers to execute aribrary code due to improper sanitizing of html.

CVE-2021-36827: WordPress Ninja Forms Contact Form plugin <= 3.6.9 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability - Patchstack

Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive's Ninja Forms Contact Form plugin <= 3.6.9 at WordPress via "label".

CVE-2021-36827: WordPress Ninja Forms Contact Form plugin <= 3.6.9 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive's Ninja Forms Contact Form plugin <= 3.6.9 at WordPress via "label".

CVE-2021-41420: Maian Affiliate

A stored XSS vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker for arbitrary JavaScript code execution in the context of authenticated and unauthenticated users through the MaianAffiliate admin panel.

CVE-2022-31298: GitHub - bigzooooz/CVE-2022-31298: Haraj Script 3.7 - Authenticated Stored XSS

A cross-site scripting vulnerability in the ads comment section of Haraj v3.7 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request.

CVE-2022-31914: 0525/xss.md at main · mikeccltt/0525

Zoo Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via zms/admin/public_html/save_animal?an_id=24.