Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

CVE-2023-20868: VMSA-2023-0010

NSX-T contains a reflected cross-site scripting vulnerability due to a lack of input validation. A remote attacker can inject HTML or JavaScript to redirect to malicious pages.

CVE
Open in Source
#xss#vulnerability#java#vmware
CVE-2023-33780: XSS Vulnerability in news endpoint

A stored cross-site scripting (XSS) vulnerability in TFDi Design smartCARS 3 v0.7.0 and below allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the body of news article.

CVE-2023-2817: Fixed XSS vulnerabilities · craftcms/cms@7655e10

A post-authentication stored cross-site scripting vulnerability exists in Craft CMS versions <= 4.4.11. HTML, including script tags can be injected into field names which, when the field is added to a category or section, will trigger when users visit the Categories or Entries pages respectively.

CVE-2023-33394: skycaiji-v2.5.4 has a backend xss vulnerability

skycaiji v2.5.4 is vulnerable to Cross Site Scripting (XSS). Attackers can achieve backend XSS by deploying malicious JSON data.

CVE-2023-29098: WordPress CopySafe Web Protection plugin <= 3.13 - Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ArtistScope CopySafe Web Protection plugin <= 3.13 versions.

SCM Manager 1.60 Cross Site Scripting

SCM Manager versions 1.2 through 1.60 suffer from a persistent cross site scripting vulnerability.

Zenphoto 1.6 Cross Site Scripting

Zenphoto version 1.6 suffers from multiple persistent cross site scripting vulnerabilities.

GHSA-6qjx-787v-6pxr: Craft CMS stored XSS in indexedVolumes

### Summary XSS can be triggered via the Update Asset Index utility ### PoC 1. Access setting tab 2. Create new assets 3. In assets name inject payload: "<script>alert(26)</script> 4. Click Utilities tab 5. Choose all volumes, or volume trigger xss 7. Click Update asset indexes. XSS will be triggered Json response volumes name makes triggers the payload "session":{"id":1,"indexedVolumes":{"1":"\"<script>alert(26)</script>"}, It’s run on every POST request in the utility. Resolved in https://github.com/craftcms/cms/commit/8c2ad0bd313015b8ee42326af2848ee748f1d766

GHSA-cjmm-x9x9-m2w5: Craft CMS stored XSS in review volume

### Summary XSS can be triggered by review volumes ### PoC 1. Access setting tab 2. Create new assets 3. In assets name inject payload: "<script>alert(1337)</script> 4. Click Utilities tab 5. Choose all volumes, or volume trigger xss 6. Click Update asset indexes. 7. Wait to assets update success. 8. Progress complete. 9. Click on review button will trigger XSS ### Root cause Function: index.php?p=admin/actions/asset-indexes/process-indexing-session&v=1680710595770 After loading completed, progess will load: "skippedEntries" and "missingEntries" These parameters is not yet filtered, I just tried "skippedEntries" but I think it will be work with "missingEntries" ### My reponse: { "session": { "id": 10, "indexedVolumes": { "6": "\"<script>alert(1337)</script>" }, "totalEntries": 2235, "processedEntries": 2235, "cacheRemoteImages": true, "listEmptyFolders": false, "isCli": false, "actionRequired": true, ...