#xss

### Impact Editors that use `MediaEmbedElement` and pass custom `urlParsers` to the `useMediaState` hook may be vulnerable to XSS if a custom parser allows `javascript:`, `data:` or `vbscript:` URLs to be embedded. Editors that do not use `urlParsers` and instead consume the `url` property directly may also be vulnerable if the URL is not sanitised. The default parsers `parseTwitterUrl` and `parseVideoUrl` are not affected. Examples of vulnerable code: ```tsx const { embed } = useMediaState({ urlParsers: [ // Custom parser that does not use an allowlist or validate the URL protocol (url) => ({ url }), ], }); return ( <iframe src={embed!.url} // ... /> ); ``` ```tsx const { url } = useMediaState(); return ( <iframe // url property used directly from useMediaState() with no sanitisation src={url} // ... /> ); ``` ```tsx const { url } = element; return ( <iframe // url property used directly from element with no sanitisation src={...

### Impact The Auth0 WordPress plugin allows site administrators to opt-in to allowing the use of a `wle` parameter, which can be passed to the WordPress login page by end users. When this parameter is supplied using an expected value (which is randomly generated by the plugin, by default), the end user can fallback to using WordPress' native authentication behavior. (This is generally intended as an emergency fallback for administrators to still be able to access their dashboard in the event something goes wrong.) In previous versions of the plugin, under specific conditions, this parameter could potentially accept an arbitrary string that would be improperly rendered, potentially allowing for a cross-site scripting (XSS) attack on the login page. ### Patches Please upgrade to v4.6.1 of the plugin to resolve the issue.

LumisXP versions 15.0.x through 16.1.x suffer from a cross site scripting vulnerability in XsltResultControllerHtml.jsp.

LumisXP versions 15.0.x through 16.1.x suffer from a cross site scripting vulnerability in UrlAccessibilityEvaluation.jsp.

LumisXP versions 15.0.x through 16.1.x suffer from a cross site scripting vulnerability in main.jsp

Debian Linux Security Advisory 5727-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or privilege escalation.

Ubuntu Security Notice 6891-1 - It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. It was discovered that Python incorrectly used regular expressions vulnerable to catastrophic backtracking. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS.

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: RUGGEDCOM APE 1808 Vulnerabilities: Stack-based Buffer Overflow, Use of Password Hash With Insufficient Computational Effort, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute unauthorized code or commands via specially crafted CLI commands and access to decrypting the CLI backup file. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following products of Siemens, are affected: Siemens RUGGEDCOM APE1808: All versions with Fortinet NGFW 3.2 Vulnerability Overview 3.2.1 STACK-BASED BUFF...

### Impact The admin panel is subject to potential XSS attach in case the attacker manages to modify some records being uploaded to the server. The attacker is able to change e.g. to `<svg onload=alert('XSS')>` if they know how to craft these requests themselves. And then enter the returned blob ID to the form inputs manually by modifying the edit page source. ### Patches Available in versions 0.27.6 and 0.28.1. ### Workarounds Review the user accounts that have access to the admin panel (i.e. general Administrators, and participatory space's Administrators) and remove access to them if they don't need it. ### References OWASP ASVS v4.0.3-5.1.3

### Impact The pagination feature used in searches and filters is subject to potential XSS attack through a malformed URL using the GET parameter `per_page`. ### Patches Patched in version 0.27.6 and 0.28.1 ### References OWASP ASVS v4.0.3-5.1.3 ### Credits This issue was discovered in a security audit organized by the [mitgestalten Partizipationsbüro](https://partizipationsbuero.at/) and funded by [netidee](https://www.netidee.at/) against Decidim done during April 2024. The security audit was implemented by [AIT Austrian Institute of Technology GmbH](https://www.ait.ac.at/),