Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

CVE-2022-36180: FusionDirectory.com is for sale | HugeDomains

Fusiondirectory 1.3 is vulnerable to Cross Site Scripting (XSS) via /fusiondirectory/index.php?message=[injection], /fusiondirectory/index.php?message=invalidparameter&plug={Injection], /fusiondirectory/index.php?signout=1&message=[injection]&plug=106.

CVE
Open in Source
#xss#web#php#ssl
CVE-2022-43708: Free and Open Source Forum Software

MyBB 1.8.31 has a (issue 2 of 2) cross-site scripting (XSS) vulnerabilities in the post Attachments interface allow attackers to inject HTML by persuading the user to upload a file with specially crafted name

GHSA-66jf-xm2m-7m8r: Stored XSS in Compare Mode

A malicious content author could add a Javascript payload to a page's meta description and get it executed in the versioned history compare view. This vulnerability requires access to the CMS to be deployed. The attacker must then convince a privileged user to access the version history for that page.

GHSA-vvxf-r4vm-2vm6: Reflected XSS in querystring parameters

An attacker could inject a XSS payload in a Silverstripe CMS response by carefully crafting a return URL on a /dev/build or /Security/login request. To exploit this vulnerability, an attacker would need to convince a user to follow a link with a malicious payload. This will only affect projects configured to output PHP warnings to the browser. By default, Silverstripe CMS will only output PHP warnings if your SS_ENVIRONMENT_TYPE environment variable is set to dev. Production sites should always set SS_ENVIRONMENT_TYPE to live.

GHSA-wc6r-4ggc-79w5: Stored XSS using HTMLEditor

A malicious content author could add a JavaScript payload to the href attribute of a link by splitting a javascript URL with white space characters. An attacker must have access to the CMS to exploit this issue.

GHSA-qw4w-vq8v-2wcv: Stored XSS using uppercase characters in HTMLEditor

A malicious content author could add a Javascript payload to the href attribute of a link. A similar issue was identified and fixed via CVE-2022-28803. However, the fix didn't account for the casing of the href attribute. An attacker must have access to the CMS to exploit this issue.

GHSA-pp74-g2q5-j4jf: Stored XSS in custom meta tags

A malicious content author could create a custom meta tag and execute an arbitrary JavaScript payload. This would require convincing a legitimate user to access a page and enter a custom keyboard shortcut. This requires CMS access to exploit.

GHSA-9cx2-hj6m-fv58: XSS in shortcodes

A malicious content author could add arbitrary attributes to HTML editor shortcodes which could be used to inject a JavaScript payload on the front end of the site. The shortcode providers that ship with Silverstripe CMS have been reviewed and attribute whitelists have been implemented where appropriate to negate this risk.

GHSA-vv3r-fxqp-vr3f: XSS via uploaded gpx file

A malicious content author could upload a GPX file with a Javascript payload. The payload could then be executed by luring a legitimate user to view the file in a browser with support for GPX files. GPX is an XML-based format used to store GPS data. By default, Silverstripe CMS will no longer allow GPX files to be uploaded to the assets area.

GHSA-44xv-v98g-v79f: URL XSS vulnerability due to outdated jquery in CMS

Silverstripe silverstripe/framework through 4.11 allows XSS (issue 2 of 3).