Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

GHSA-9m6m-c64r-w4f4: Stimulsoft Dashboard.JS Cross Site Scripting vulnerability

Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the search bar component.

ghsa
#xss#vulnerability#nodejs#js#git
GHSA-7m8g-fprr-47fx: phpMyFAQ vulnerable to stored XSS on attachments filename

### Summary Unsafe echo of filename in phpMyFAQ\phpmyfaq\admin\attachments.php leading to allow execute JavaScript code in client side (XSS) ### Details On that snippet code of rendering the file attachments from user tables ``` <?php foreach ($crumbs as $item) : ?> <tr id="attachment_<?= $item->id ?>" title="<?= $item->thema ?>"> <td><?= $item->id ?></td> <td><?= $item->filename ?></td> <td><?= $item->record_lang ?></td> <td><?= Utils::formatBytes($item->filesize) ?></td> <td><?= $item->mime_type ?></td> <td> ``` The data directly rendering with short hand echo without any sanitation first, its recommend to use existing class of `Strings::htmlentities` on use `phpMyFAQ\Strings;` ``` <td><?= Strings::htmlentities($item->filename); ?></td> <td><?= Strings::htmlentities($item->record_lang); ?></td> <td><?= Utils::formatBytes($item->filesize) ?></td> <td><?= Strings::htmlentities($item->mime_type); ?></td> ``` Propo...

GHSA-9cgf-pxwq-2cpw: Stimulsoft Dashboard.JS Cross Site Scripting vulnerability

Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the ReportName field.

WordPress Simple URLs Cross Site Scripting

WordPress Simple URLs plugin versions prior to 115 suffer from a cross site scripting vulnerability.

GYM MS 1.0 Cross Site Scripting

Gym Management System version 1.0 suffers from a persistent cross site scripting vulnerability. Original credit for this finding goes to Jyotsna Adhana in October of 2020 but uses a different vector of attack for this software version.

WhatsUp Gold 2022 22.1.0 Build 39 Cross Site Scripting

WhatsUp Gold 2022 version 22.1.0 Build 39 suffers from a persistent cross site scripting vulnerability.

MISP 2.4.171 Cross Site Scripting

MISP version 2.4.171 suffers from a persistent cross site scripting vulnerability.

GHSA-2mrq-w8pv-5pvq: Malicious input can provoke XSS when preserving comments

# Impact There is a potential for a mutation XSS (mXSS) vulnerability in AntiSamy caused by flawed parsing of the HTML being sanitized. To be subject to this vulnerability the `preserveComments` directive must be enabled in your policy file. As a result, certain crafty inputs can result in elements in comment tags being interpreted as executable when using AntiSamy's sanitized output. # Patches Patched in AntiSamy 1.7.5 and later. This is due to parsing behavior in the [neko-htmlunit](https://github.com/HtmlUnit/htmlunit-neko) dependency, just by updating to a newer version the issue was solved. See important remediation details in the reference given below. # Workarounds If you cannot upgrade to a fixed version of the library, the following mitigation can be applied until you can upgrade: Manually edit your AntiSamy policy file (e.g., antisamy.xml) by deleting the `preserveComments` directive or setting its value to `false`, if present. As the previously mentioned policy settin...

GHSA-34q3-p352-c7q8: Central Dogma Authentication Bypass Vulnerability via Session Leakage

### Vulnerability Overview A vulnerability has been identified in Central Dogma versions prior to 0.64.0, allowing for the leakage of user sessions and subsequent authentication bypass. The issue stems from a Cross-Site Scripting (XSS) attack vector that targets the RelayState of Security Assertion Markup Language (SAML). ### Impact Successful exploitation of this vulnerability enables malicious actors to leak user sessions, leading to the compromise of authentication mechanisms. This, in turn, can facilitate unauthorized access to sensitive resources. ### Patches This vulnerability is addressed and resolved in Central Dogma version 0.64.0. Users are strongly encouraged to upgrade to this version or later to mitigate the risk associated with the authentication bypass. ### Workarounds No viable workarounds are currently available for this vulnerability. It is recommended to apply the provided patch promptly. ### References - [OASIS SAML v2.0 Errata 05](https://docs.oasis-open.org/se...

Grocy 4.0.2 Cross Site Request Forgery

Grocy versions 4.0.2 and below suffer from a cross site request forgery vulnerabilities.