Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the News Menu component.

**CMSmadesimple Stored XSS v2.2.18****Author: (Sergio)**

**Description:** Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title in the Content - News Menu.

**Attack Vectors:** Scripting A vulnerability in the sanitization of the entry in the Ttile of "Content - News Menu" allows injecting JavaScript code that will be executed when the user accesses the web page.

**POC:**

When logging into the panel, we will go to the "Content- News" section off General Menu.

We edit that Content - News Menu with the payload that we have created and see that we can inject arbitrary Javascript code in the Title field.

**XSS Payload:**

'"><svg/onload=prompt('Title')\>

In the following image you can see the embedded code that executes the payload in the main web. 

  
**Additional Information:**

http://www.cmsmadesimple.org/

https://owasp.org/Top10/es/A03\_2021-Injection/

CVE-2023-43358: GitHub - sromanhu/CVE-2023-43358-CMSmadesimple-Stored-XSS---News: Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to

kodbox 1.44 is vulnerable to Cross Site Scripting (XSS). Customizing global HTML results in storing XSS.

\[CVE ID\]

CVE-2023-45998

\[PRODUCT\]

kodbox is a file manager for web. It is a newly designed product based on kodexplorer.

\[IVERSION\]

kodbox - V1.44

\[PROBLEM TYPE\]

Cross Site Scripting (XSS)

\[DESCRIPTION\]

Customizing global HTML results in storing XSS.

CVE-2023-45998: CVE-2023-45998

Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS v.9.2.1 allow an attacker to execute arbitrary code via a crafted script to the Header and Footer Tracking Codes of the SEO & Statistics.

**ConcreteCMS Stored XSS v.9.2.1****Author: (Sergio)**

**Description:** Multiple Cross Site Scripting vulnerability in ConcreteCMS v.9.2.1 allows a local attacker to execute arbitrary code via a crafted script to the Header and Footer Tracking Codes of the SEO & Statistics.

**Attack Vectors:** Scripting A vulnerability in the sanitization of the entry in the Header and Footer Tracking Codes of "SEO & Statistics" allows injecting JavaScript code that will be executed when the user accesses the web page.

**POC:**

When logging into the panel, we will go to the "SEO & Statistics- Header and Footer Tracking Codes." section off Dashboard Menu.

**XSS Payload:**

<img src\=x:alert(alt) onerror\=eval(src) alt\='XSS Header'\>

<img src\=x:alert(alt) onerror\=eval(src) alt\='XSS Footer'\>

In the following image you can see the embedded code that executes the payload in the main web. 

We can use a payload to steal cookies and obtain them when a user logs on to the website in the two vulnerable fields.

Original session cookie.

Request captured with the external server:

  
**Additional Information:**

https://www.concretecms.com/

https://owasp.org/Top10/es/A03\_2021-Injection/

CVE-2023-44760: GitHub - sromanhu/CVE-2023-44760_ConcreteCMS-Stored-XSS---TrackingCodes: Multiple Cross Site Scripting vulnerability in ConcreteCMS v.9.2.1 allows a local attacker to execute arbitrary code via a craf

umputun remark42 version 1.12.1 and before has a Blind Server-Side Request Forgery (SSRF) vulnerability.

**CVE-2023-45966****Blind SSRF in umputun/remark42 <= 1.12.1 \[Suggested description\] An issue was found in umputun/remark42 <= 1.12.1. Malicious JSON in POST request to /api/v1/comment?site=<SITE\_ID> leads to Blind SSRF due to missing title field and insufficient filtering of url field in comment creation request.****\[Additional Information\] Fixed in commit: efceed6****\[VulnerabilityType Other\] CWE-918: Server Side Request Forgery****\[Vendor of Product\] https://github.com/umputun****\[Affected Product Code Base\] Affected version: umputun/remark42 <= 1.12.1****\[Affected Component\] /api/v1/comment****\[Attack Type\] Remote****\[Impact Code execution\] false****\[Impact Denial of Service\] false****\[Impact Escalation of Privileges\] false****\[Impact Information Disclosure\] true****\[Attack Vectors\] An attacker able to send crafted JSON****\[Discoverer\] Dmitry Kuramin (Jet Infosystems, jet.su)**

\[Reference\] https://jet.su/vuln

CVE-2023-45966: GitHub - jet-pentest/CVE-2023-45966: Blind SSRF in umputun/remark42 <= 1.12.1

A stored cross-site scripting (XSS) vulnerability in UVDesk Community Skeleton v1.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field when creating a ticket.

CVE-2023-37636

UVDesk Community Skeleton v1.1.1 allows unauthenticated attackers to perform brute force attacks on the login page to gain access to the application.

CVE-2023-37635

DECISO OPNsense 23.1 does not impose rate limits for authentication, allowing attackers to perform a brute-force attack to bypass authentication.

CVE-2023-27152

IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before storage or transmission.  IBM X-Force ID:  256020.

CVE-2023-33837: Security Bulletin: IBM Security Verify Governance is affected by multiple vulnerabilities

IBM Security Verify Governance 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.  IBM X-Force ID:  256037.

CVE-2023-33840: IBM Security Verify Governance cross-site scripting CVE-2023-33840 Vulnerability Report

IBM Security Verify Governance 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request.  IBM X-Force ID:  256036.

Source

CVE