#js

Red Hat Security Advisory 2024-2793-03 - An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-2705-03 - An update is now available for Red Hat build of Quarkus.

### Description: A Stored Blind Cross-Site Scripting (XSS) vulnerability has been identified in the Failed Login Attempts Logging Feature of the Froxlor Application. Stored Blind XSS occurs when user input is not properly sanitized and is stored on the server, allowing an attacker to inject malicious scripts that will be executed when other users access the affected page. In this case, an unauthenticated User can inject malicious scripts in the loginname parameter on the Login attempt, which will then be executed when viewed by the Administrator in the System Logs. The application protects users against XSS attacks by utilizing an xss sanitization library. But the checks of the library were bypassed by crafting an XSS Payload using data binding and interpolation of Vue.js A working XSS payload was crafted which forces an administrator to add a new malicious attacker-controlled Administrator User. The Payload is: [payload.txt](https://github.com/froxlor/Froxlor/files/15142616/payload...

Red Hat Security Advisory 2024-2672-03 - Red Hat OpenShift Container Platform release 4.14.24 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include code execution and denial of service vulnerabilities.

Red Hat Security Advisory 2024-2671-03 - Red Hat build of MicroShift release 4.14.24 is now available with updates to packages and images that fix several bugs. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-2669-03 - Red Hat OpenShift Container Platform release 4.15.12 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2024-2668-03 - Red Hat OpenShift Container Platform release 4.14.24 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-2667-03 - Red Hat build of MicroShift release 4.15.12 is now available with updates to packages and images that include a security update.

Red Hat Security Advisory 2024-2666-03 - Red Hat OpenShift Container Platform release 4.14.24 is now available with updates to packages and images that fix several bugs.

Red Hat Security Advisory 2024-2664-03 - Red Hat OpenShift Container Platform release 4.15.12 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.