SchoolPlus LMS version 1.0 suffers from a remote SQL injection vulnerability.
AccPack Khanepani version 1.0 suffers from an insecure direct object reference vulnerability.
AccPack Cop version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
AccPack Buzz version 1.0 suffers from an arbitrary file upload vulnerability.
Chuksrio LMS version 2.9 suffers from an insecure direct object reference vulnerability.
### Summary

The `twisted.web.util.redirectTo` function contains an HTML injection vulnerability. If application code allows an attacker to control the redirect URL, this vulnerability may result in Reflected Cross-Site Scripting (XSS) in the redirect response HTML body.

### Details

Twisted's `redirectTo` function generates an `HTTP 302 Redirect` response. The response contains an HTML body, built for exceptional cases where the browser doesn't properly handle the redirect, allowing the user to click a link that navigates them to the specified destination. The function reflects the destination URL in the HTML body without any output encoding.

```python
# https://github.com/twisted/twisted/blob/trunk/src/twisted/web/_template_util.py#L88
def redirectTo(URL: bytes, request: IRequest) -> bytes:
    # ---snip---
    content = b"""
<html>
    <head>
        <meta http-equiv=\"refresh\" content=\"0;URL=%(url)s\">
    </head>
    <body bgcolor=\"#FFFFFF\" text=\"#000000\">
    <a href=\"%(url)...
```
QuickJob version 6.1 suffers from an ignored default credential vulnerability.
Prison Management System version 1.0 suffers from an ignored default credential vulnerability.
Pharmacy Management System version 1.0 suffers from an ignored default credential vulnerability.