25 matches found
CVE-2023-45815 Viewing wget extractor output while logged in as an admin allows archived JS to execute in the admins context in ArchiveBox
ArchiveBox is an open source self-hosted web archiving system. Any users who are using the wget extractor and view the content it outputs. The impact is potentially severe if you are logged in to the ArchiveBox admin site in the same browser session and view an archived malicious page designed to...
CVE-2023-45815 Viewing wget extractor output while logged in as an admin allows archived JS to execute in the admins context in ArchiveBox
ArchiveBox is an open source self-hosted web archiving system. Any users who are using the wget extractor and view the content it outputs. The impact is potentially severe if you are logged in to the ArchiveBox admin site in the same browser session and view an archived malicious page designed to...
Viewing wget extractor output while logged in as an admin allows archived JS to execute in the admins context
Impact Any users who are using the wget or dom extractors and view the content they output. The impact is potentially severe if you are logged in to the ArchiveBox admin site in the same browser session and view an archived malicious page designed to target your ArchiveBox instance. Malicious JS...
PT-2023-29705 · Unknown +1 · Archivebox +1
Name of the Vulnerable Software and Affected Versions: ArchiveBox affected versions not specified Description: The issue affects users of the wget extractor who view the content it outputs. If a user is logged in to the ArchiveBox admin site in the same browser session and views an archived...
ArchiveBox Cross-Site Scripting Vulnerability
ArchiveBox is ArchiveBox Open Source, a powerful self-hosted Internet archiving solution for collecting, saving and viewing websites you want to save offline. ArchiveBox has a security vulnerability that stems from the presence of a cross-site scripting vulnerability...