Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

GHSA-8mx2-rjh8-q3jq: copyparty Reflected XSS via Filter Parameter

### Summary Unauthorized reflected Cross-Site-Scripting when accessing the URL for recent uploads with the `filter` parameter containing JavaScript code. ### Details When accessing the recent uploads page at `/?ru`, users can filter the results using an input field at the top. This field appends a filter parameter to the URL, which reflects its value directly into a `<script>` block without proper escaping. This vulnerability allows for reflected Cross-Site Scripting (XSS) and can be exploited against both authenticated and unauthenticated users, enabling unwanted actions in the victims browser. ### PoC A URL like this will execute `alert(1)`: ``` https://127.0.0.1:3923/?ru&filter=</script><script>alert(1)</script> ```

ghsa
Open in Source
#xss#vulnerability#git#java#auth
GHSA-rrff-chj9-w4c7: Apache JSPWiki Cross-Site Scripting (XSS) Vulnerability via Header Link Rendering

A carefully crafted request when creating a header link using the wiki markup syntax, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Further research by the JSPWiki team showed that the markdown parser allowed this kind of attack too. Apache JSPWiki users should upgrade to 2.12.3 or later.

GHSA-72ww-4rcw-mc62: Apache JSPWiki Cross-Site Scripting (XSS) Vulnerability in the Image Plugin

A carefully crafted request using the Image plugin could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.12.3 or later.

July Linux Patch Wednesday

July Linux Patch Wednesday. This time, there are 470 vulnerabilities, slightly fewer than in June. Of these, 291 are in the Linux Kernel. One vulnerability shows signs of being exploited in the wild (CISA KEV): 🔻 SFB – Chromium (CVE-2025-6554) There are also 36 (❗️) vulnerabilities for which public exploits are available or suspected to […]

SonicWall Urges Patch After 3 Major VPN Vulnerabilities Disclosed

watchTowr's latest research details critical SonicWall SMA100 flaws (CVE-2025-40596, 40597, 40598). Discover how pre-auth stack/heap overflows and XSS put SSL-VPNs at risk. Patch now!

GHSA-hfcf-79gh-f3jc: Memos has Cross-Site Scripting (XSS) Vulnerability in Image URLs

The Memos application, up to version v0.24.3, allows for the embedding of markdown images with arbitrary URLs. When a user views a memo containing such an image, their browser automatically fetches the image URL without explicit user consent or interaction beyond viewing the memo. This can be exploited by an attacker to disclose the viewing user's IP address, browser User-Agent string, and potentially other request-specific information to the attacker-controlled server, leading to information disclosure and user tracking.

Why React Didn't Kill XSS: The New JavaScript Injection Playbook

React conquered XSS? Think again. That's the reality facing JavaScript developers in 2025, where attackers have quietly evolved their injection techniques to exploit everything from prototype pollution to AI-generated code, bypassing the very frameworks designed to keep applications secure. Full 47-page guide with framework-specific defenses (PDF, free). JavaScript conquered the web, but with

GHSA-9q4r-x2hj-jmvr: copyparty has DOM-Based XSS vulnerability when displaying multimedia metadata

### Summary An unauthenticated attacker is able to execute arbitrary JavaScript code in a victim's browser due to improper sanitization of multimedia tags in music files, including `m3u` files. ### Details Multimedia metadata is rendered in the web-app without sanitization. This can be exploited in two ways: * a user which has the necessary permission for uploading files can upload a song with an artist-name such as `<img src=x onerror=alert(document.domain)>` * an unauthenticated user can trick another user into clicking a malicious URL, performing this same exploit using an externally-hosted m3u file The CVE score and PoC is based on the m3u approach, which results in a higher severity. ### PoC 1. Create a file named `song.m3u` with the following content. Host this file on an attacker-controlled web server. ```m3u #EXTM3U #EXTINF:1,"><img src=x onerror=alert(document.domain)> - "><img src=x onerror=alert(document.domain)> http://example.com/audio.mp3 ``` ...

GHSA-95jq-xph2-cx9h: Linkify Allows Prototype Pollution & HTML Attribute Injection (XSS)

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability in Linkify (linkifyjs) allows XSS Targeting HTML Attributes and Manipulating User-Controlled Variables.This issue affects Linkify: from 4.3.1 before 4.3.2.

BreachForums Resurfaces on Original Dark Web (.onion) Address

BreachForums resurfaces on its original .onion domain amid law enforcement crackdowns, raising questions about its admin, safety and future.