GHSA-XP5H-F8JF-RC8Q rails-ujs vulnerable to DOM Based Cross-site Scripting contenteditable HTML Elements

NOTE: rails-ujs is part of Rails/actionview since 5.1.0. There is a potential DOM based cross-site scripting issue in rails-ujs which leverages the Clipboard API to target HTML elements that are assigned the contenteditable attribute. This has the potential to occur when pasting malicious HTML...

rails-ujs vulnerable to DOM Based Cross-site Scripting contenteditable HTML Elements

NOTE: rails-ujs is part of Rails/actionview since 5.1.0. There is a potential DOM based cross-site scripting issue in rails-ujs which leverages the Clipboard API to target HTML elements that are assigned the contenteditable attribute. This has the potential to occur when pasting malicious HTML...

Stored cross-site scripting via RSS feed

Description Due to the improper handling of RSS titles in inc/parser/xhtml.php, a malicious RSS feed can be used to inject arbitrary HTML elements into the page, resulting in cross-site scripting. inc/parser/xhtml.php line 1292-1294 javascript else $this-doc .= ' '.$item-gettitle; Proof of Concep...

Stored Cross-Site Scripting (XSS)

apacheairflow is vulnerable to Stored Cross-Site Scripting XSS attacks. The library uses template literals to construct html elements, which allows an attacker to execute malicious JavaScript on victim's browser through XSS payloads stored on the application server...

Cross-Site Scripting (XSS)

rails is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to a lack of user-input sanitization in HTML elements, which allows an attacker to inject and execute arbitrary JavaScript into the browser...

Cross-site Scripting (XSS)

enshrined/svg-sanitize is vulnerable to Cross-site Scripting XSS. The vulnerability exists because the cleanUnsafeNodes function in Sanitizer.php does not properly sanitize the HTML elements within CDATA, which allows an attacker to launch an XSS attack with the unsafe SVG file...

svg-sanitizer has Cross-site Scripting Bypass

Update In 88 we have determined that the bypass this security advisory was created for, was a false positive and as such we have requested that the CVE be rejected. A bypass has been found that allows an attacker to upload an SVG with persistent XSS. HTML elements within CDATA needed to be...

CVE-2023-28426

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: GHSA-xrqq-wqh4-5hg2. Reason: Further investigation showed that this CVE was assigned in error. Notes: See https://github.com/darylldoyle/svg-sanitizer/issues/88 for a technical discussion...

DOM Based Cross-site Scripting in rails-ujs for contenteditable HTML Elements

NOTE: rails-ujs is part of Rails/actionview since 5.1.0. There is a potential DOM based cross-site scripting issue in rails-ujs which leverages the Clipboard API to target HTML elements that are assigned the contenteditable attribute. This has the potential to occur when pasting malicious HTML...

SUSE CVE-2018-18500

A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash. This vulnerability affects Thunderbird 60.5, Firefox ESR 60.5, and...

SUSE CVE-2020-4054

In Sanitize RubyGem sanitize greater than or equal to 3.0.0 and less than 5.2.1, there is a cross-site scripting vulnerability. When HTML is sanitized using Sanitize's "relaxed" config, or a custom config that allows certain elements, some content in a math or svg element may not be sanitized...

Stored Cross-site Scripting (XSS)

wallabag/wallabag is vulnerable to Stored Cross-site Scripting XSS. The vulnerability exists in share.html.twig due to lack of validations on HTML elements, which allows an attacker to inject and execute malicious JavaScript though the name field...

Cross-site Scripting (XSS)

tinymighty/wiki-seo is vulnerable to Cross-Site Scripting XSS. The vulnerability exist in the Meta Property Tag Handler parameter of WikiSEO.body.php due to the lack of validation in the html elements when adding a user which allows an attacker to inject and execute malicious JavaScript...

CVE-2023-23942

The Nextcloud Desktop Client is a tool to synchronize files from a Nextcloud Server with your computer. Versions prior to 3.6.3 are missing sanitisation on qml labels which are used for basic HTML elements such as strong, em and head lines in the UI of the desktop client. The lack of sanitisation...

GHSA-65P8-5423-FW3X Pimcore XSS Vulnerability

Pimcore 6prior to 6.3.0 has XSS in the translations grid because bundles/AdminBundle/Resources/public/js/pimcore/settings/translations.js mishandles certain HTML elements...

Pimcore XSS Vulnerability

Pimcore 6prior to 6.3.0 has XSS in the translations grid because bundles/AdminBundle/Resources/public/js/pimcore/settings/translations.js mishandles certain HTML elements...

The vulnerability of the Advanced Content Filter WYSIWYG-editor CKEditor module allows a violator to circumvent the existing policy regarding access restrictions for HTML elements.

The vulnerability of the Advanced Content Filter WYSIWYG-editor CKEditor is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow an attacker to circumvent existing policies regarding access restrictions for HTML elements...

Sanitization bypass in SVG Sanitizer

The SVG sanitizer library enshrined/svg-sanitize before version 0.15.0 did not remove HTML elements wrapped in a CDATA section. As a result, SVG content embedded in HTML fetched as text/html was susceptible to cross-site scripting. Plain SVG files fetched as image/svg+xml were not affected...

A cross-site scripting vulnerability

Description Impact SVG sanitizer library before version 0.15.0 did not remove HTML elements wrapped in a CDATA section. As a result, SVG content embedded in HTML fetched as text/html was susceptible to cross-site scripting. Plain SVG files fetched as image/svg+xml were not affected. Patches This...

A cross-site scripting vulnerability

Impact SVG sanitizer library before version 0.15.0 did not remove HTML elements wrapped in a CDATA section. As a result, SVG content embedded in HTML fetched as text/html was susceptible to cross-site scripting. Plain SVG files fetched as image/svg+xml were not affected. Patches This issue is fix...