CVE-2024-23633 Label Studio XSS Vulnerability on Data Import

Label Studio, an open source data labeling tool had a remote import feature allowed users to import data from a remote web source, that was downloaded and could be viewed on the website. Prior to version 1.10.1, this feature could had been abused to download a HTML file that executed malicious...

Cross site scripting

Label Studio is an a popular open source data labeling tool. Versions prior to 1.9.2 have a cross-site scripting XSS vulnerability that could be exploited when an authenticated user uploads a crafted image file for their avatar that gets rendered as a HTML file on the website. Executing arbitrary...

aBitGone CommentSafe <= 1.0.0 - Settings Update to Stored XSS via CSRF

Description The plugin does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack. PoC Make an admin open an HTML file containing the following:...

CVE-2024-22876

StrangeBee TheHive 5.1.0 to 5.1.9 and 5.2.0 to 5.2.8 is vulnerable to Cross Site Scripting XSS in the case attachment functionality which enables an attacker to upload a malicious HTML file with Javascript code that will be executed in the context of the The Hive application using a specific URL...

CVE-2024-22876

StrangeBee TheHive 5.1.0 to 5.1.9 and 5.2.0 to 5.2.8 is vulnerable to Cross Site Scripting XSS in the case attachment functionality which enables an attacker to upload a malicious HTML file with Javascript code that will be executed in the context of the The Hive application using a specific URL...

CVE-2023-4255

An out-of-bounds write issue has been discovered in the backspace handling of the checkType function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes,...

CVE-2023-4255

An out-of-bounds write issue has been discovered in the backspace handling of the checkType function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes,...

CVE-2023-4255

An out-of-bounds write issue has been discovered in the backspace handling of the checkType function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes,...

Race condition

An out-of-bounds write issue has been discovered in the backspace handling of the checkType function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes,...

w3m Security Vulnerabilities

w3m is a WWW-enabled pager from the personal developer Tatsuya Kinoshita. A security vulnerability exists in W3M, which stems from an out-of-bounds write issue found in the checkType function's backspace handling in etc.c. The vulnerability can be triggered by supplying a specially crafted HTML...

Cross site scripting

Headwind MDM Web panel 5.22.1 is vulnerable to cross-site scripting XSS. The file upload function allows APK and arbitrary files to be uploaded. By exploiting this issue, attackers may upload HTML files and share the download URL pointing to these files with the victims. As the file download...

CVE-2023-48701

Statamic CMS (Laravel/Git) suffers a Cross-site Scripting (XSS) via uploaded assets vulnerability (CVE-2023-48701). Before versions 3.4.15 and 4.36.0, HTML files crafted to look like images could be uploaded regardless of MIME validation via front-end Forms assets fields or the authenticated cont...

CVE-2023-48701 Statamic CMS vulnerable to Cross-site Scripting via uploaded assets

Statamic CMS is a Laravel and Git powered content management system CMS. Prior to versions 3.4.15 an 4.36.0, HTML files crafted to look like images may be uploaded regardless of mime validation. This is only applicable on front-end forms using the "Forms" feature containing an assets field, or...

CVE-2023-6142

Dev blog v1.0 allows to exploit an XSS through an unrestricted file upload, together with a bad entropy of filenames. With this an attacker can upload a malicious HTML file, then guess the filename of the uploaded file and send it to a potential victim...

CVE-2023-6142 Dev Blog v1.0 - Stored XSS

Dev blog v1.0 allows to exploit an XSS through an unrestricted file upload, together with a bad entropy of filenames. With this an attacker can upload a malicious HTML file, then guess the filename of the uploaded file and send it to a potential victim...

CVE-2023-1720

Lack of mime type response header in Bitrix24 22.0.300 allows authenticated remote attackers to execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege, via uploading a crafted HTML file through...

CVE-2023-1720 Bitrix24 Stored Cross-Site Scripting (XSS) via File Upload

Lack of mime type response header in Bitrix24 22.0.300 allows authenticated remote attackers to execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege, via uploading a crafted HTML file through...

UBUNTU-CVE-2023-46287

XSS exists in NagVis before 1.9.38 via the select function in share/server/core/functions/html.php...

Cross-site Scripting (XSS)

yamcs-web is vulnerable to Cross-site Scripting XSS. The vulnerability is present because there is insufficient validation when uploading files in the library. This flaw enables an attacker to upload an HTML file that contains arbitrary JavaScript. When a user opens this file, the arbitrary...

CVE-2023-45281

An issue in Yamcs 5.8.6 allows attackers to obtain the session cookie via upload of crafted HTML file...