Rockstar Games: DOM based reflected XSS in rockstargames.com/newswire/tags through cross domain ajax request
Hi, I have found a reflected XSS issue in http://www.rockstargames.com/newswire/tags which is, IMO, somewhat tricky. PoC: - URL: http://www.rockstargames.com/newswire/tags/?tags=%2e%2e%2e%2e%2e%2e\commentsdal\users\getGlobalLoginSettings%2ejson?callback=alert%2fxss%2f;%2f%2f - Vulnerable...
SecNews: DOM based XSS in search functionality
Overview === The search query is inserted into the HTML of the page without proper encoding. Specifically, a single quote is not HTML-encoded, albeit escaped, even twice, which allows the attacker to break out of the HTML attribute and inject arbitrary tags. html curl -s...
Open-Xchange: OX Guard: DOM Based Cross-Site Scripting (#2)
Summary OX Guard's "Guest Reader" is vulnerable to DOM Based XSS. While this report is closely related to 158853, it is not a duplicate. I've had a look at the code introduced by commit 7fdbd307662f0041ed5e45b2f73c6530b79c6124, which I believe was supposed to protect against 158853. Today's repor...
AlienVault USM/OSSIM 5.2 Cross Site Scripting
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: AlienVault USM/OSSIM Vendor URL: www.alienvault.com Type: Cross-Site Scripting CWE-79 Date found: 2016-05-24 Date published: 2016-08-23 CVSSv3 Score: 5.4...
Open-Xchange: OX Guard: DOM Based Cross-Site Scripting
Summary OX Guard's "Guest Reader" is vulnerable to DOM Based XSS. The vulnerable parameter is "templid". The reader.js script see below takes the parameter's value and injects it into the page/DOM without encoding/sanitizing it first. PoC:...
Ubiquiti Inc.: [scores.ubnt.com] DOM based XSS at form.html
Hello, I would like to report that the 130889 bug hasn't been fixed completely. The removeTags function has been added; however, an attacker is still able to inject JavaScript as parameter values without any HTML tags:...
Informatica: [kb.informatica.com] DOM Based XSS
Hi! I found DOM-based XSS on this subdomain https://kb.informatica.com. JavaScript security is very important, even more so in portals where users store their personal data. Attackers can target those portals to find and exploit high-risk JavaScript vulnerabilities like DOM-based XSS vulnerabilities...
VK.com: DOM XSS in /activation.php?act=activate_mobile
I was looking into the showOrderBox function in the API. There I saw "Test special offer. Test special offer for application developers." Clicking the "go to group" button took me to the page...
Important: Red Hat Security Advisory: python-django-horizon security update
An update for python-django-horizon is now available for Red Hat Enterprise Linux OpenStack Platform 5.0 Icehouse for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Important: Red Hat Security Advisory: python-django-horizon security, bug fix, and enhancement update
An update for python-django-horizon is now available for Red Hat Enterprise Linux OpenStack Platform 7.0 Kilo for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Important: Red Hat Security Advisory: python-django-horizon security update
An update for python-django-horizon is now available for Red Hat OpenStack Platform 8.0 Liberty. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
python-django-horizon: XSS in client side template
A DOM-based, cross-site scripting vulnerability has been identified in the OpenStack dashboard, where user input was not filtered correctly. An authenticated dashboard user could exploit the flaw by injecting an AngularJS template into a dashboard form for example, using an image's description,...
Important: Red Hat Security Advisory: python-django-horizon security and bug fix update
An update for python-django-horizon is now available for Red Hat Enterprise Linux OpenStack Platform 6.0 Juno for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CVE-2016-4428
A DOM-based, cross-site scripting vulnerability was found in the OpenStack dashboard, where user input was not filtered correctly. An authenticated dashboard user could exploit the flaw by injecting an AngularJS template into a dashboard form for example, using an image's description, triggering...
Citrix Netscaler 11.0 Build 64.35 Cross Site Scripting
PERSICON Security Advisory ======================================================================= Title: Login Form Hijacking vulnerability Product: Citrix Netscaler Vulnerable Version: 11.0 Build 64.35 Fixed Version: 11.0 Build 66.11 CVE-ID: CVE-2016-4945 Impact: medium found: 2015-04-07 by: Dr...
Uber: DOM based XSS on
Possible remote code execution / DOM based XSS vuln. jQuery param: var strliID = jQuery(location).attr('hash'); Target: logged-in admin. Go to URL https://drive.uber.com/melbourne/wp-admin/admin.php?page=Optionsgallerystyles" Solution: upgrade to the latest version of the gallery plugin (your version: v1.9.55). Test my localhos...
Swagger Editor 2.9.9 Cross Site Scripting
Swagger Editor v2.9.9 "description" Key DOM-based Cross-Site Scripting RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Swagger Editor Vendor URL: https://github.com/swagger-api/swagger-editor Type: Cross-Site Scripting CWE-79 Date found:...
Adobe Analytics AppMeasurement for Flash Library Patch
Adobe today patched a vulnerability in the Adobe Analytics AppMeasurement for Flash library, which can be added to Flash projects to measure the usage of Flash-based content. The vulnerability is a DOM-based cross-site scripting flaw that can be abused for cookie theft, said researcher Randy...
APSB16-13 Security update available for the Adobe Analytics AppMeasurement for Flash Library
Adobe has released a security update for the Adobe Analytics AppMeasurement for Flash library. This update resolves an important vulnerability in the AppMeasurement for Flash library that could be abused to conduct DOM-based cross-site scripting attacks when debugTracking is enabled...