#xss

Magento Commerce 1.14.3.9 and Open Source 1.9.3.9 bring essential security enhancements with Patch SUPEE-10752. These updates address various vulnerabilities, including authenticated Admin user remote code execution (RCE), cross-site request forgery (CSRF), and more. Key Security Improvements: - APPSEC-2001: Authenticated Remote Code Execution (RCE) using custom layout XML - APPSEC-2015: Authenticated Remote Code Execution (RCE) through the Create New Order feature (Commerce only) - APPSEC-2042: PHP Object Injection and RCE in the Magento admin panel (Commerce Target Rule module) - APPSEC-2029: PHP Object Injection and Remote Code Execution (RCE) in the Admin panel (Commerce) - APPSEC-2007: Authenticated SQL Injection when saving a category - APPSEC-2027: CSRF is possible against Web sites, Stores, and Store Views - APPSEC-1882: The cron.php file can leak database credentials - APPSEC-2006: Stored cross-site scripting (XSS) through the Enterprise Logging extension - APPSEC-2005: Pers...

Laravel 7.1.2 addresses a possible XSS related attack vector in the Laravel 7.x Blade Component tag attributes when users are allowed to dictate the value of attributes. All Laravel 7.x users are encouraged to upgrade as soon as possible.

Laravel is prone to a Cross-site Scripting vulnerability in blade templating.

There is an XSS vulnerability in CKEditor, which is used by AlloyEditor, which is used in eZ Platform Admin UI. Scripts can be injected through specially crafted "protected" comments. We are not sure it is exploitable in eZ Platform, but recommend installing it to be on the safe side. It is fixed in CKEditor v4.14, AlloyEditor v2.11.9. It is distributed via Composer, for: ``` eZ Platform v1.13.x: ezsystems/PlatformUIAssetsBundle v4.2.3 (included from ezsystems/PlatformUIBundle v1.13.x) eZ Platform v2.5.13: ezsystems/ezplatform-admin-ui-assets v4.2.1 eZ Platform v3.0.*: ezsystems/ezplatform-admin-ui-assets v5.0.1 eZ Platform v3.1.2: ezsystems/ezplatform-admin-ui-assets v5.1.1 ``` Drafts that are sent to trash become visible in the Review Queue, even for users that were not able to see them before this action. It's not possible to preview them, but their title and review history is displayed. This affects Enterprise Edition only, of which ezplatform-workflow is a part. This security ...

This security advisory fixes a vulnerability in eZ Publish Legacy, and we recommend that you install it as soon as possible if you are using Legacy via the LegacyBridge. Installations where all modules are disabled may be vulnerable to XSS injection in the module name. This is a rare configuration, but we still recommend installing the update, which adds the necessary input washing. To install, use Composer to update to one of the "Resolving versions" mentioned above, or apply this patch manually: https://github.com/ezsystems/ezpublish-legacy/commit/4697bff700e8cf95d5847ea19dad3479a77b02d9

This security advisory fixes 4 separate vulnerabilities in eZ Publish Legacy, and we recommend that you install it as soon as possible if you are using Legacy by itself or via the LegacyBridge. First, it increases the randomness, and thus the security, of the pseudo-random bytes used to generate a hash for the "forgot password" feature. This protects accounts against being taken over through attacks trying to predict the hash. If the increased randomness is not available in your PHP installation, it will now log a warning. Second, it improves security of the information collector feature, by ensuring no collection emails will be sent from invalid manipulated forms. Third, it stops the possible leaking of the names of content objects that should not be readable for certain users, on installations where these users can create or edit XML text. Fourth, it protects against cross-site scripting (XSS) in the Matrix data type, on installations where users are allowed to edit content c...

This security advisory fixes a severe vulnerability in the eZ Platform Admin UI, and we recommend that you install it as soon as possible. Parts of the Admin UI are vulnerable to XSS injection. All 2.x sites are at risk, and particularly those that allow user generated content. The update adds the necessary escaping of injected code. This resolves the issue both for code that has already been injected, and any future such code. To install, use Composer to update "ezsystems/ezplatform-admin-ui" and "ezsystems/ezplatform-page-builder" to one of the "Resolving versions" mentioned above. (ezplatform-page-builder exists only in eZ Platform Enterprise Edition.)

This Security Advisory is about two issues of low to medium severity. We recommend that you install the update as soon as possible. There is an XSS vulnerability in CKEditor, which is used by AlloyEditor, which is used in eZ Platform Admin UI. Scripts can be injected through specially crafted "protected" comments. We are not sure it is exploitable in eZ Platform, but recommend installing it to be on the safe side. It is fixed in CKEditor v4.14, AlloyEditor v2.11.9. It is distributed via Composer, for: eZ Platform v1.13.x: ezsystems/PlatformUIAssetsBundle v4.2.3 (included from ezsystems/PlatformUIBundle v1.13.x) eZ Platform v2.5.13: ezsystems/ezplatform-admin-ui-assets v4.2.1 eZ Platform v3.0.*: ezsystems/ezplatform-admin-ui-assets v5.0.1 eZ Platform v3.1.2: ezsystems/ezplatform-admin-ui-assets v5.1.1 Drafts that are sent to trash become visible in the Review Queue, even for users that were not able to see them before this action. It's not possible to preview them, but their title ...

The xss_clean() method in the Security Library of CodeIgniter/Framework, specifically in versions before 3.0.3, exhibited a vulnerability that allowed certain Cross-Site Scripting (XSS) vectors to bypass its intended protection mechanisms. The xss_clean() method is designed to sanitize input data by removing potentially malicious content, thus preventing XSS attacks. However, in versions prior to 3.0.3, it was discovered that the method did not adequately mitigate specific XSS vectors, leaving a potential security gap.

### Impact This is a cross-site scripting vulnerability which affects every version of Mautic and could allow an attacker unauthorised administrator level access to Mautic. This vulnerability was reported by Naveen Sunkavally at Horizon3.ai. ### Patches Upgrade to 3.2.4 or 2.16.5. Link to patch for 2.x versions: https://github.com/mautic/mautic/compare/2.16.4...2.16.5.diff Link to patch for 3.x versions: https://github.com/mautic/mautic/compare/3.2.2...3.2.4.diff ### Workarounds None ### For more information If you have any questions or comments about this advisory: * Post in https://forum.mautic.org/c/support * Email us at security@mautic.org