A cross-site scripting (XSS) vulnerability in Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted X-Forwarded-For request.

**Cross site scripting in Jfinal**

Moderate severity GitHub Reviewed Published Jun 3, 2022 • Updated Jun 3, 2022

GHSA-8rp2-j3vj-hgj4: Cross site scripting in Jfinal

Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x contains an open port vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure and arbitrary code execution.

**Vaikutus**

Critical

**Tiedot**

**Proprietary Code CVEs**

**Description**

**CVSS Base Score**

**CVSS Vector String**

CVE-2022-22556

Dell PowerStore contains an Uncontrolled Resource Consumption Vulnerability in PowerStore User Interface. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to the Denial of Service.

3.7

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

CVE-2022-22557

Dell PowerStore contains Plain-Text Password Storage Vulnerability in version 2.0.0.x. and 2.0.1.x. A locally authenticated attacker may potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

7.5

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-26866

Dell PowerStore contains a Stored Cross-Site Scripting Vulnerability, an authenticated attacker may potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.

5.5

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

CVE-2022-26867

Dell PowerStore contains formula injection vulnerability in which it supports the option to export data to either a CSV or an XLSX file. The data is taken as is, without any validation or sanitization. It may allow a malicious, authenticated user to inject payloads that might get interpreted as formulas by the corresponding spreadsheet application that is being used to open the CSV/XLSX file.

5.9

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L

CVE-2022-26868

Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x are vulnerable to a command injection flaw. An authenticated attacker may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.

6.4

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-26869

Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x contain an open port vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to information disclosure, arbitrary code execution.

9.8

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2022-26870

Dell PowerStore versions 2.1.0.x contain an Authentication bypass vulnerability. A remote unauthenticated attacker may  potentially exploit this vulnerability when both Remote Secure Credential and External SSH are enabled. An attacker would gain “service” account access upon successful exploit.

7.0

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

 

**Third-Party Component**

**CVEs**

**More Information**

NVMe SSD

CVE-2021-0148

Intel-SA-00535

Axios

CVE-2020-28168

See NVD (http://nvd.nist.gov/) for individual scores of each CVE.

bind-libs  
bind-libs-lite  
bind-utils  
bind-license

CVE-2021-25215

glib2

CVE-2021-27219

gupnp

CVE-2021-33516

java-1.8.0-openjdk

CVE-2021-2369

CVE-2021-2388

CVE-2021-2341

libldb

CVE-2021-20277

libwbclient

CVE-2021-20254

Lo-dash

CVE-2021-23337

CVE-2020-28500

CVE-2020-8203

Log4j

CVE-2021-45105

CVE-2021-44832

CVE-2022-23307

nettle

CVE-2021-20305

nss  
nss-sysinit  
nss-tools

CVE-2020-25648

openldap

CVE-2020-25692

pillow

CVE-2021-28675

CVE-2021-28676

CVE-2021-25288

CVE-2021-25287

CVE-2021-28677

CVE-2021-28678

postgres

CVE-2021-20229

CVE-2021-32027

CVE-2021-3393

postgres-libs

CVE-2021-32027

postgresql-libs

CVE-2019-10208

CVE-2020-25694

CVE-2020-25695

samba-common  
samba-client-libs  
samba-common-libs libwbclient

CVE-2021-20254

screen version

CVE-2021-26937

urllib3

CVE-2021-33503

xterm

CVE-2021-27135

**Proprietary Code CVEs**

**Description**

**CVSS Base Score**

**CVSS Vector String**

CVE-2022-22556

Dell PowerStore contains an Uncontrolled Resource Consumption Vulnerability in PowerStore User Interface. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to the Denial of Service.

3.7

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

CVE-2022-22557

Dell PowerStore contains Plain-Text Password Storage Vulnerability in version 2.0.0.x. and 2.0.1.x. A locally authenticated attacker may potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

7.5

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-26866

Dell PowerStore contains a Stored Cross-Site Scripting Vulnerability, an authenticated attacker may potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.

5.5

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

CVE-2022-26867

Dell PowerStore contains formula injection vulnerability in which it supports the option to export data to either a CSV or an XLSX file. The data is taken as is, without any validation or sanitization. It may allow a malicious, authenticated user to inject payloads that might get interpreted as formulas by the corresponding spreadsheet application that is being used to open the CSV/XLSX file.

5.9

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L

CVE-2022-26868

Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x are vulnerable to a command injection flaw. An authenticated attacker may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.

6.4

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-26869

Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x contain an open port vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to information disclosure, arbitrary code execution.

9.8

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2022-26870

Dell PowerStore versions 2.1.0.x contain an Authentication bypass vulnerability. A remote unauthenticated attacker may  potentially exploit this vulnerability when both Remote Secure Credential and External SSH are enabled. An attacker would gain “service” account access upon successful exploit.

7.0

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

 

**Third-Party Component**

**CVEs**

**More Information**

NVMe SSD

CVE-2021-0148

Intel-SA-00535

Axios

CVE-2020-28168

See NVD (http://nvd.nist.gov/) for individual scores of each CVE.

bind-libs  
bind-libs-lite  
bind-utils  
bind-license

CVE-2021-25215

glib2

CVE-2021-27219

gupnp

CVE-2021-33516

java-1.8.0-openjdk

CVE-2021-2369

CVE-2021-2388

CVE-2021-2341

libldb

CVE-2021-20277

libwbclient

CVE-2021-20254

Lo-dash

CVE-2021-23337

CVE-2020-28500

CVE-2020-8203

Log4j

CVE-2021-45105

CVE-2021-44832

CVE-2022-23307

nettle

CVE-2021-20305

nss  
nss-sysinit  
nss-tools

CVE-2020-25648

openldap

CVE-2020-25692

pillow

CVE-2021-28675

CVE-2021-28676

CVE-2021-25288

CVE-2021-25287

CVE-2021-28677

CVE-2021-28678

postgres

CVE-2021-20229

CVE-2021-32027

CVE-2021-3393

postgres-libs

CVE-2021-32027

postgresql-libs

CVE-2019-10208

CVE-2020-25694

CVE-2020-25695

samba-common  
samba-client-libs  
samba-common-libs libwbclient

CVE-2021-20254

screen version

CVE-2021-26937

urllib3

CVE-2021-33503

xterm

CVE-2021-27135

Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.

**Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen**

**CVEs Addressed**

**Products**

**Affected Versions**

**Updated Versions**

**Link to Update**

CVE-2022-22557

PowerStore T OS  
PowerStore X OS

PowerStore T OS versions 2.0.0.x and 2.0.1.x  
\*PowerStore T OS versions 1.0.x.x are not affected.

PowerStore X OS versions 2.0.0.x and 2.0.1.x  
\*PowerStore X OS versions 1.0.x.x are not affected.

PowerStore T OS Upgrade 2.1.0.0-1561821

PowerStore T OS Upgrade 2.1.0.1-1602345

PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS Upgrade 2.1.1.0-1649887

https://www.dell.com/support/home/?app=drivers

CVE-2022-22556

PowerStore T OS  
PowerStore X OS

PowerStore T OS versions before PowerStore T OS Upgrade 2.1.0.0-1561821

PowerStore X OS versions before PowerStore X OS Upgrade 2.1.1.0-1649887

PowerStore T OS Upgrade 2.1.0.0-1561821

PowerStore T OS Upgrade 2.1.0.1-1602345

PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS”  
PowerStore X OS Upgrade 2.1.1.0-1649887

CVE-2021-0148

CVE-2020-28168

CVE-2021-25215

CVE-2021-27219

CVE-2021-33516

CVE-2021-2369

CVE-2021-2388

CVE-2021-2341

CVE-2021-20277

CVE-2021-20254

CVE-2021-23337

CVE-2020-28500

CVE-2020-8203

CVE-2020-25692

CVE-2021-28675

CVE-2021-28676

CVE-2021-25288

CVE-2021-25287

CVE-2021-28677

CVE-2021-28678

CVE-2021-20229

CVE-2021-32027

CVE-2021-3393

CVE-2019-10208

CVE-2020-25694

CVE-2020-25695

CVE-2021-20254

CVE-2021-26937

CVE-2021-33503

CVE-2021-27135

CVE-2022-26867

PowerStore T OS  
PowerStore X OS

PowerStore T OS versions before PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS versions before PowerStore X OS Upgrade 2.1.1.0-1649887

PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS Upgrade 2.1.1.0-1649887

CVE-2022-26867

CVE-2021-45105

CVE-2021-44832

CVE-2022-23307

CVE-2022-26868

PowerStore T OS  
PowerStore X OS

PowerStore T OS versions 2.0.0.x, 2.0.1.x and 2.1.0.x  
\*PowerStore T OS versions 1.0.x.x are not affected.

PowerStore X OS versions 2.0.0.x, 2.0.1.x and 2.1.0.x  
\*PowerStore X OS versions 1.0.x.x are not affected.

PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS Upgrade 2.1.1.0-1649887

CVE-2022-26869

CVE-2022-26870

PowerStore T OS

PowerStore T OS versions 2.1.0.x  
\*PowerStore T OS 1.0.x.x, 2.0.0.x, 2.0.1.x are not affected

PowerStore T OS Upgrade 2.1.1.0-1649887  
 

**CVEs Addressed**

**Products**

**Affected Versions**

**Updated Versions**

**Link to Update**

CVE-2022-22557

PowerStore T OS  
PowerStore X OS

PowerStore T OS versions 2.0.0.x and 2.0.1.x  
\*PowerStore T OS versions 1.0.x.x are not affected.

PowerStore X OS versions 2.0.0.x and 2.0.1.x  
\*PowerStore X OS versions 1.0.x.x are not affected.

PowerStore T OS Upgrade 2.1.0.0-1561821

PowerStore T OS Upgrade 2.1.0.1-1602345

PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS Upgrade 2.1.1.0-1649887

https://www.dell.com/support/home/?app=drivers

CVE-2022-22556

PowerStore T OS  
PowerStore X OS

PowerStore T OS versions before PowerStore T OS Upgrade 2.1.0.0-1561821

PowerStore X OS versions before PowerStore X OS Upgrade 2.1.1.0-1649887

PowerStore T OS Upgrade 2.1.0.0-1561821

PowerStore T OS Upgrade 2.1.0.1-1602345

PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS”  
PowerStore X OS Upgrade 2.1.1.0-1649887

CVE-2021-0148

CVE-2020-28168

CVE-2021-25215

CVE-2021-27219

CVE-2021-33516

CVE-2021-2369

CVE-2021-2388

CVE-2021-2341

CVE-2021-20277

CVE-2021-20254

CVE-2021-23337

CVE-2020-28500

CVE-2020-8203

CVE-2020-25692

CVE-2021-28675

CVE-2021-28676

CVE-2021-25288

CVE-2021-25287

CVE-2021-28677

CVE-2021-28678

CVE-2021-20229

CVE-2021-32027

CVE-2021-3393

CVE-2019-10208

CVE-2020-25694

CVE-2020-25695

CVE-2021-20254

CVE-2021-26937

CVE-2021-33503

CVE-2021-27135

CVE-2022-26867

PowerStore T OS  
PowerStore X OS

PowerStore T OS versions before PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS versions before PowerStore X OS Upgrade 2.1.1.0-1649887

PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS Upgrade 2.1.1.0-1649887

CVE-2022-26867

CVE-2021-45105

CVE-2021-44832

CVE-2022-23307

CVE-2022-26868

PowerStore T OS  
PowerStore X OS

PowerStore T OS versions 2.0.0.x, 2.0.1.x and 2.1.0.x  
\*PowerStore T OS versions 1.0.x.x are not affected.

PowerStore X OS versions 2.0.0.x, 2.0.1.x and 2.1.0.x  
\*PowerStore X OS versions 1.0.x.x are not affected.

PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS Upgrade 2.1.1.0-1649887

CVE-2022-26869

CVE-2022-26870

PowerStore T OS

PowerStore T OS versions 2.1.0.x  
\*PowerStore T OS 1.0.x.x, 2.0.0.x, 2.0.1.x are not affected

PowerStore T OS Upgrade 2.1.1.0-1649887  
 

**Versiohistoria****Asiaan liittyvät tiedot**

Dell Security Advisories and Notices  
Dell Vulnerability Response Policy  
CVSS Scoring Guide

Tämän Dell Technologiesin tietoturvatiedotteen tiedot on luettava, ja niiden avulla voidaan välttää tilanteita, jotka voivat johtua tässä kuvatuista ongelmista. Dell Technologiesin tietoturvatiedotteet tuovat tärkeitä tietoturvatietoja haavoittuvuudelle alttiiden tuotteiden käyttäjien tietoon. Dell Technologies arvioi riskin perustuen asennettujen järjestelmien hajautetun joukon keskimääräisiin riskeihin, eikä se välttämättä vastaa paikallisen asennuksen ja yksittäisen ympäristön todellista riskiä. Suositus on, että kaikki käyttäjät ratkaisevat näiden tietojen sovellettavuuden yksittäisten ympäristöjen mukaan ja ryhtyvät tarvittaviin toimenpiteisiin. Tässä esitetyt tiedot annetaan "sellaisenaan" ilman minkäänlaista takuuta. Dell Technologies kiistää kaikki suorat tai epäsuorat takuut, mukaan lukien takuut soveltuvuudesta kaupankäynnin kohteeksi, sopivuudesta tiettyyn käyttötarkoitukseen, omistusoikeudesta ja loukkaamattomuudesta. Dell Technologies, sen tytäryhtiöt tai toimittajat eivät missään tilanteessa ole vastuussa mistään vahingoista, jotka johtuvat tässä asiakirjassa mainituista tiedoista tai toimenpiteistä, joihin käyttäjä päättää ryhtyä. Tämä koskee kaikkia suoria, epäsuoria, satunnaisia, välillisiä, liikevoiton menetykseen liittyviä tai erityisluontoisia vahinkoja, vaikka Dell Technologies tai sen tytäryhtiöt tai toimittajat olisivat saaneet tiedon tällaisten vahinkojen mahdollisuudesta. Jotkin osavaltiot eivät salli satunnaisten tai seuraamuksellisten vahinkojen vastuun poistamista tai rajoittamista, joten edellä mainittua rajoitusta sovelletaan vain lain sallimassa laajuudessa.

PowerStore, PowerStore 1000X, PowerStore 1000T, PowerStore 3000X, PowerStore 3000T, PowerStore 5000X, PowerStore 5000T, PowerStore 500T, PowerStore 7000X, PowerStore 7000T, PowerStore 9000X, PowerStore 9000T, Product Security Information

21 huhtik. 2022

CVE-2022-26869: DSA-2022-014: Dell EMC PowerStore Family Security Update for Multiple Vulnerabilities

### Impact

There is no known practical impact other than it is just possible to manipulate CSRF cookie and XSS the malicious user self.

### Patches

Invalid characters of CSRF tokens are stripped after reading cookie. Users should upgrade to 0.12.8 or the latest 0.13.0+dev.

### Workarounds

No need for workarounds.

### References

N/A

### For more information

If you have any questions or comments about this advisory, please post on https://github.com/gogs/gogs/issues/6953.


1.  GitHub Advisory Database
2.  GitHub Reviewed
3.  GHSA-pj96-4jhv-v792

**Cross site scripting via cookies in gogs**

Low severity GitHub Reviewed Published Jun 2, 2022 in gogs/gogs • Updated Jun 2, 2022

**Package**

gomod gogs.io/gogs (Go )

**Affected versions**

< 0.12.8

**Description**

**Impact**

There is no known practical impact other than it is just possible to manipulate CSRF cookie and XSS the malicious user self.

**Patches**

Invalid characters of CSRF tokens are stripped after reading cookie. Users should upgrade to 0.12.8 or the latest 0.13.0+dev.

**Workarounds**

No need for workarounds.

**References**

N/A

**For more information**

If you have any questions or comments about this advisory, please post on gogs/gogs#6953.

**References**

*   GHSA-pj96-4jhv-v792
*   gogs/gogs#6953

**Weaknesses**

**GHSA ID**

GHSA-pj96-4jhv-v792

**Source code**

GHSA-pj96-4jhv-v792: Cross site scripting via cookies in gogs

Uncontrolled resource consumption in Mattermost version 6.6.0 and earlier allows an authenticated attacker to crash the server via a crafted SVG attachment on a post.

CVE-2022-1982: Security Updates

NetScout nGeniusONE 6.3.2 allows an XML External Entity (XXE) attack.

**NETSCOUT Security**

**CVE-2021-45981**

CVE

Title

Version

Severity

CVE-2021-45981

XML External Entity (XXE)

6.3.2

Base

**Summary**

NETSCOUT Systems in nGeniusONE version 6.3.2 build 904 allows XML External Entity (XXE) attacks. Attack complexity is high. Privileges required none. User interaction required and scope is unchanged.

NetScout Systems would like to acknowledge Lukasz Plonka for reporting CVE-2021-45981 to techsupport@netscout.com

   
**Fixed Software**

Customers should install patch 6.3.2 P12 to eliminate this vulnerability. The patch is available on My NETSCOUT account page or may be obtained by contacting NETSCOUT support at 1-800-708-4784. Please note all future versions include this fix.

techsupport@netscout.com

**CVE-2021-45982**

CVE

Title

Version

Severity

CVE-2021-45982

Arbitrary File Upload

6.3.2

Base

**Summary**

NETSCOUT Systems in nGeniusONE version 6.3.2 build 904 allows an Arbitrary File Upload vulnerability. Attack complexity is high. Privileges required low. User interaction required and scope is unchanged.

NetScout Systems would like to acknowledge Lukasz Plonka for reporting CVE-2021-45982 to techsupport@netscout.com

   
**Fixed Software**

Customers should install patch 6.3.2 P10  to eliminate this vulnerability. The patch is available on My NETSCOUT account page or may be obtained by contacting NETSCOUT support at 1-800-708-4784. Please note all future versions include this fix.

techsupport@netscout.com

**CVE-2021-45983**

CVE

Title

Version

Severity

CVE-2021-45983

Java RMI Remote Code Execution

6.3.2

Base

**Summary**

NETSCOUT Systems nGeniusONE version 6.3.2 build 904 allows Java RMI Code Execution attacks. Attack complexity is high. Privileges required none. User interaction required and scope is unchanged.

NetScout Systems would like to acknowledge Lukasz Plonka for reporting CVE-2021-45982 to techsupport@netscout.com

   
**Fixed Software**

Customers should install 6.3.2 P12 to eliminate this vulnerability. The patch is available on My NETSCOUT account page or may be obtained by contacting NETSCOUT support at 1-800-708-4784. Please note all future versions include this fix.

techsupport@netscout.com

**CVE-2021-35205**

CVE

Title

Severity

Published

Updated

CVE-2021-35205

Open Redirection

Medium

09/30/2021

10/04/2021

**Summary**

NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 allows URL redirection in redirector. The Attack complexity is low, and the privileges required are also low. User Interaction required, and Scope is unchanged

  **Fixed Software**

Customers should request a patch 6.3.2 FCS B426 to eliminate this vulnerability. This is available on the My NETSCOUT page or may be obtained by contacting NETSCOUT support at 1-800-708-4784.  Please note that all future versions include this fix.

techsupport@netscout.com

**CVE-2021-35204**

CVE

Title

Severity

Published

Updated

CVE-2021-35204

Cross-Site Scripting (XSS)

Medium

09/30/2021

10/04/2021

**Summary**

NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 allows Reflected Cross-Site Scripting (XSS) in the support endpoint. Attack Complexity required is low. Privileges required are low and User Interaction required, and Scope is unchanged. The victim has to click on the provided URL.

**Fixed Software**

Customers should request a patch 6.3.0 P6 B1413 to eliminate this vulnerability. This is available on the My NETSCOUT page or may be obtained by contacting NETSCOUT support at 1-800-708-4784.  Please note that all future versions include this fix.

techsupport@netscout.com

**CVE-2021-35203**

CVE

Title

Severity

Published

Updated

CVE-2021-35203

Incorrect Access Control

Medium

09/30/2021

10/04/2021

**Summary** 

NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 allows Arbitrary File Read operations via the FDSQueryService endpoint. The attacker needs to send a specially crafted request with a parameter with the file name to read. The Attack Complexity is low, and the privileges required are low. User Interaction is required, and Scope is unchanged

**Fixed Software**

 Customers should request a patch 6.3.0 P6 B1413 to eliminate this vulnerability. This is available on the My NETSCOUT page or may be obtained by contacting NETSCOUT support at 1-800-708-4784. Please note that all future versions include this fix.

 techsupport@netscout.com

**CVE-2021-35202**

CVE

Title

Severity

Published

Updated

CVE-2021-35202

Insecure Permissions

Medium

09/30/2021

10/04/2021

**Summary**

NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 allows Authorization Bypass (to access an endpoint) in FDSQueryService. Attack Complexity is Low. The attacker can reach endpoints that are restricted. User Interaction is required, and Scope is unchanged

  **Fixed Software**

Customers should request a patch 6.3.0 P6 B1413 to eliminate this vulnerability. This is available on the My NETSCOUT page or may be obtained by contacting NETSCOUT support at 1-800-708-4784.  Please note that all future versions include this fix.

techsupport@netscout.com

**CVE-2021-35201**

CVE

Title

Severity

Published

Updated

CVE-2021-35201

XML External Entity (XXE)

Medium

09/30/2021

10/04/2021

**Summary**

NETSCOUT Systems NEI in nGeniusONE version 6.3.0 build 1196 allows XML External Entity (XXE) attacks. Attack Complexity is High, Privileges Required None, User Interaction Required and Scope is unchanged.

**Fixed Software**

Customers should request a patch 6.3.0 P4 B1406 to eliminate this vulnerability. This is available on the My NETSCOUT page or may be obtained by contacting NETSCOUT support at 1-800-708-4784.  Please note that all future versions include this fix.

techsupport@netscout.com

**CVE-2021-35200**

CVE

Title

Severity

Published

Updated

CVE-2021-35200

Stored Cross-Site Scripting (XSS)

Medium

09/30/2021

10/04/2021

**Summary**

NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 has stored cross-site scripting in FDSQueryService vulnerability that a high-privileged user can exploit. This would require a user with high privileges. Attack complexity is High, and the Scope is Unchanged

**Fixed Software**

Customers should request a patch 6.3.0 P5 B1411 to eliminate this vulnerability. This is available on the My NETSCOUT page or may be obtained by contacting NETSCOUT support at 1-800-708-4784.  Please note that all future versions include this fix.

techsupport@netscout.com

**CVE-2021-35199**

CVE

Title

Severity

Published

Updated

CVE-2021-35199

Stored Cross-Site Scripting (XSS) in UploadFile

Medium

09/30/2021

10/04/2021

**Summary**

NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 and earlier has stored cross-site scripting in Packet Analysis module Upload File vulnerability that a normal user can exploit. This requires a little crypto knowledge to exploit. The vulnerability exists in upload functionality.

**Fixed Software**

Customers should request a patch 6.3.0 P5 B1411 to eliminate this vulnerability. This is available on the My NETSCOUT page or may be obtained by contacting NETSCOUT support at 1-800-708-4784.  Please note that all future versions include this fix.

techsupport@netscout.com

**CVE-2021-35198**

CVE

Title

Severity

Published

Updated

CVE-2021-35198

Stored Cross-Site Scripting (XSS) in the Packet Analysis module

Medium

09/30/2021

10/04/2021

**Summary**

NETSCOUT Systems nGeniusONE version 6.3.0 build 1004, and earlier has a stored cross-site scripting vulnerability that a normal user can exploit. The user would need to visit a certain functionality in the packet module for the Stored XSS to get executed.

**Fixed Software**

Customers should request a patch 6.3.0 P5 B1411 to eliminate this vulnerability. This is available on the My NETSCOUT or may be obtained by contacting NETSCOUT support at 1-800-708-4784.  Please note that all future versions include this fix

techsupport@netscout.com

**CVE-2020-28251**

CVE

Title

Severity

Published

Updated

CVE-2020-28251

Escalated Privileges Vulnerability on AirMagnet Enterprise Sensors

High

2020 December 03

2020 December 07

NETSCOUT Systems AirMagnet Enterprise version 11.1.4 build 37257 and earlier has a sensor escalated privileges vulnerability that can be exploited to provide someone with administrative access to a sensor, with credentials to invoke a command to provide root access to the operating system. The attacker must complete a straightforward password-cracking exercise.

The affected product models are:

*   SENSOR6-R1S0W1-E
*   SENSOR6-R2S1-E
*   SENSOR6-R2S1-I
*   SENSOR4-R1S1W1-E
*   SENSOR4-R2S1-E
*   SENSOR4-R2S1-I

A software upgrade to AirMagnet Enterprise version 11.1.4 build 37271 to eliminate this vulnerability is available on My NETSCOUT accounts on the AirMagnet Enterprise Downloads page or may be obtained by contacting AirMagnet support at 1-800-708-4784.

  techsupport@netscout.com

CVE-2021-45981: Security Advisories | NETSCOUT

bbs-go <= 3.3.0 including Custom Edition is vulnerable to stored XSS.

Affected version: <= 3.3.0 (all versions yet)  
Including Custom Edition I guess.

Usage of "v-html" tag should be really careful in vue. I found several unsafe usage in bbs-go webpage which data source might be from any user. It's necessary to filter the rich text before it is posted to the client. Otherwise it will be dangerous.

Here is the XSS attack example screenshot (one of them) :

And the unsafe "v-html" tag for topic content (one of them) :

I will report the poc code after mlogclub team confirm and fix this defect.

CVE-2021-38221: There are several stored XSS vulnerabilities · Issue #112 · mlogclub/bbs-go

BigBlueButton Greenlight 2.11.1 allows XSS. A threat actor could have a username containing a JavaScript payload. The payload gets executed in the browser of the victim in the "Share room access" dialog if the victim has shared access to the particular room with the attacker previously.

**Description**

BigBlueButton’s front-end interface Greenlight version 2.11.2 (or earlier) is vulnerable to stored Cross-Site Scripting (XSS) in the “Share Room Access” dialog. A threat actor could inject XSS payload in the username field. The payload gets executed in the “Share Room Access” dialog if the victim has shared access to the room with the attacker previously.

**Affected Component**

BigBlueButton/Greenlight

**Attack Type**

Remote

**Attack Vectors**

To exploit the vulnerability, an attacker needs an active user account in the Greenlight application. Additionally, the victim needs to have shared access to a room with the attacker.

**Reference**

https://github.com/bigbluebutton/greenlight/releases/tag/release-2.12.0.

**Discoverer**

mgm security partners found this vulnerability during a security analysis of the BigBlueButton software ordered by the Federal Office for Information Security in Germany (BSI).

**Timeline**

*   4 March 2022: the vulnerability was reported to the BigBlueButton developer team
*   15 April 2022: Greenlight version 2.12.0 containing the patch for the reported vulnerability was released

CVE-2022-26497: CVE-2022-26497: BigBlueButton Greenlight XSS

Multiple cross-site scripting (XSS) vulnerabilities in Neos CMS allow attackers with the editor role or higher to inject arbitrary script or HTML code using the editor function, the deletion of assets, or a workspace title. The vulnerabilities were found in versions 3.3.29 and 8.0.1 and could also be present in all intermediate versions.

**Metaverse as  
unique as its users**

Neos Metaverse is a revolutionary virtual community; a peer-to-peer, real-time collaboration platform for creators, educators and communities powered by the versatile Neos Engine.  
Join the metaverse and join us on our mission to provide diversity, individuality & creative freedom.

**One platform, near-endless solutions.**

Neos Metaverse - also known as NeosVR - has been designed to be a truly versatile and customizable creative environment complete with an innovative visual scripting language LogiX.

Leverage the power of Neos, build content with advanced editing tools, connect with the virtual community, explore countless ways of self-expression and accelerate your workflows through real-time virtual collaboration to create authentic immersive experiences.

**Create. Inspire. Amaze.**

Neos for creators

Whether you choose to make stunning art with brushes, material guns and shape tools - hanging your unique creations on the walls of your virtual home - or you prefer to have fun building jet packs, swinging ropes or gravity lifts, completely in-game and in real-time collaboration, Neos distinctive features enable you to explore the realms of true, real creative freedom. What’s more, custom animations, interactions and special effects can be effortlessly added with our powerful visual scripting language and tools.

**Play. Share. Have Fun.**

Neos for communities

Be whoever you want to be and roam the metaverse with friends from all over the world; experiment with advanced full-body tracking and haptic feedback, express yourself through dance & singing or pull off an epic break-dance battle. Neos Metaverse can connect you with your favorite artists and streamers and provide you with a powerful platform to participate in various meetings and events.

**Educate. Simulate. Collaborate.**

Neos for educators and businesses

Immersive experiences have a significant positive impact on memory retention and overall performance in both educational and business settings. Neos enables you and your audiences to experience the magnitude of the universe unraveling in front of you; allowing you to create accurate technical simulations and give lectures in your field of expertise.

**Neos Credits****A purpose-built peer-to-peer digital currency**

Neos Credits (NCR) is the official metaverse cryptocurrency of Neos, designed to serve our evolving community of creators and users.  
A decentralized Neos Store market place powered by NCR will enable a rich in-game economy resulting in an even greater amount of content for users to enjoy and in a great way for creators to make a living by monetizing their awesome work.  
To learn more about our mission, vision and tokenomics please read our whitepaper.

Read whitepaper

Prices may not be up to date, last checked  \--:--

**Neos ICO**

Batch Progress

Minting Batch: 444/500  
Next Batch: +1.25% minting price

Total Progress

Minted via Ethereum:  36,956,705.74 NCR  
Minted via Patreon: 1,985,046.20 NCR

**NCR Minting Price**

$**14.728223**

0x7CCBac6D333838608be0c40E124381016F4c81Fc \*

\*By sending Ethereum to this address, you agree to all terms in the Neos Whitepaper.  
‍‍  
Please don't send buy transactions directly from an exchange as potentially you will be unable to prove your NCR ownership.  

**ERC20 Wallets**

**Progress Graph**

**Everything you need  
in one platform**

Neos Metaverse has been engineered to revolutionize workflows in virtual collaboration and bring together communities online from all over the world. Creators, educators and global communities can build and distribute immersive experiences in a real-time virtual space. Neos is available in 20+ languages and supports a variety of virtual reality headsets as well as desktop mode so you can enjoy the gameplay wherever you are.

Use Neos as your VR and metaverse platform for games, learning, business and training. Explore your imagination.

Download Neos

**Accelerate time to production**

Put a stop to tedious importing/exporting processes and import over 40 different 3D model formats and a variety of media with a mere click. Take advantage of Neos fluid export capabilities and move your creations into various 3D modeling applications and game engines.

**Leverage the power of LogiX**

Choose from the arsenal of creative tools, brushes and materials prepared by our community or build your own. With no-code, node based LogiX visual scripting system you can make your own tools, simulations and games right within VR.    

**Ferociously dynamic, beautifully simple.  
Meet Neos Engine.**

Neos Engine is a state-of-the-art metaverse engine offering effortless multiplayer synchronization, content interoperability and content persistence thanks to its own advanced data model.  
It gives our users the ability to load worlds dynamically, switch between them instantly and creators the power to build worlds without the use of a third party game engine or SDKs directly in Neos.    
Automatic interoperability between all parts of the system allows for powerful, often unforseen, interactions involving assets by multiple creators that weren't specifically designed to work together. It just works - like in real life.  

**Transforming virtual collaboration**

Neos Metaverse enables users to create content and experiences in real time within VR and in collaboration with other people. Artists, designers, educators; communities or globally distributed teams can all build together in a virtual reality environment, run multiple sessions at the same time and access digital assets from any world.

**Hardware agnostic performance**

Neos is designed to work with the majority of VR headsets, as well as being able to switch to fully fledged desktop mode instantly - enabling you to spend more time creating and less time transitioning between environments and implementing SDKs. Thanks to our automatic content update process, your content remains fully functional in all future versions of Neos.  

**Your privacy is our priority**

With an easy to use permission system you can restrict who can join and what others can do in your worlds. Private local P2P sessions give you peace of mind, knowing that you have full ownership and control over your data. You can optionally take advantage of the centralized Neos Cloud giving you the most convenient experience.

**Advanced full body avatars**

Our advanced avatar system allows for importing, building and customizing avatars completely in-game. Neos supports enhanced facial and body tracking, haptic feedback, interactive dynamic bones and a fully configurable, full body IK system with up to 11 tracking points so everyone can see and react to your facial expressions and body language; bringing you even closer to those you’re collaborating with.  

**Metaverse Training Centre**

Our team of volunteers from all over the world takes great pride in creating a welcoming and supportive onboarding experience. Neos Metaverse Training Center is a true hub of knowledge where you can learn anything from setting up your avatars, visual scripting or simply drawing inspiration from our gallery of creations.  

For a full list of features please visit our Wiki

**Here's where we're going**

Neos Masterplan  
‍  
Our aim is to accelerate the transition to virtual collboration and to become a global platform of choice for everyone with their hearts in a mission for diversity, inclusivity and democracy, serving as an inspiration and example to the rest of the world.

Neos Masterplan  
‍  
Our aim is to accelerate the transition to virtual collboration and to become a global platform of choice for everyone with their hearts in a mission for diversity, inclusivity and democracy, serving as an inspiration and example to the rest of the world.

A full roadmap is available at GitHub

**Our mission and story**

Our aim is to accelerate the transition to virtual collaboration and to become a global platform of choice for everyone with a passion for diversity and inclusivity serving as an inspiration and example to the rest of the world.

Neos started as a virtual reality educational app and educational pilot project called World of Comenius at a grammar school that over time evolved into a full-scale metaverse engine. The very first educational demo enabled users to view human anatomy, play with atoms, force fields and robots.

Soon it became clear that the key to a truly useful and organized immersive experience was user interaction and content persistency - and that is how Neos, as a social metaverse, emerged. Thanks to funding from various investors and our very supportive community, Neos has grown into a versatile, feature-rich metaverse platform complete with its own cryptocurrency and continues to change the landscape of virtual reality experiences.

Current development roadmap is available at GitHub

CVE-2022-30429: Neos Metaverse

**Component Type:** neos/neos  
**Vulnerability Type: XSS**  
**Severity:** medium  
**Affected Versions:** Neos from version 3.3 upwards  
Fixed Versions: 5.3.10, 7.0.9, 7.1.7, 7.2.6, 7.3.4, 8.0.2

The notification module displaying flash messages unscapes HTML coming from the server, resulting in XSS vulnerabilities with various names and labels of entities (eg. workspace title or media title).

This however means you must be a logged in user with respective rights in the first place to leverage the attack vector.

**Fixing the Issue**

To fix the issue, you need to update neos/neos to the newest bugfix version.

Note: The last supported version for security fixes is Neos 5.3. If you are still using an earlier Neos version we urge you to update immediately anyway.

Make sure you have at least one of the following versions after updating: 

*   5.3.10
*   7.0.9
*   7.1.7
*   7.2.6
*   7.3.4
*   8.0.2

**Credits**

Thanks to **Nina Wagner** of it.sec GmbH who **reported** the issue to us. And to **Christian Müller** for fixing it!

**Getting Help**

In case you are unsure about the issue, don't hesitate to contact the Neos team on Slack (#neos-general) or through the other communication channels!

CVE-2022-30429: XSS in various backend modules

A vulnerability was found in SourceCodester Product Show Room Site 1.0. It has been rated as problematic. This issue affects the file /admin/?page=system_info/contact_info. The manipulation of the textbox Telephone with the input <script>alert(1)</script> leads to cross site scripting. The attack may be initiated remotely but requires authentication. Exploit details have been disclosed to the public.

Tag

#xss