32 matches found

CVE
added 2023/06/23 9:55 p.m.

CVE-2023-1783

OrangeScrum 2.0.11 is vulnerable to a flaw in HTML-to-PDF rendering that allows an external attacker to remotely obtain AWS instance credentials. The root cause is improper validation of HTML content during PDF conversion, leading to credentials leakage (impacting confidentiality). The most expli...

CVSS 7.6 · AI score 6.8 · EPSS 0.00098
Exploits 1 · References 2 · Affected Software 1
Vulnrichment
added 2023/06/23 9:55 p.m.

CVE-2023-1783 OrangeScrum 2.0.11 - AWS Credentials Leak via PDF Rendering

OrangeScrum version 2.0.11 allows an external attacker to remotely obtain AWS instance credentials. This is possible because the application does not properly validate the HTML content to be converted to PDF...

CVSS 6.5 · AI score 6.6 · EPSS 0.00098
Exploits 1 · References 2
OSV
added 2023/05/16 1:09 p.m.

USN-6077-1 openjdk-8, openjdk-lts, openjdk-17, openjdk-20 vulnerabilities

Ben Smyth discovered that OpenJDK incorrectly handled half-duplex connections during TLS handshake. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2023-21930) It was discovered that OpenJDK incorrectly handled certain inputs. An attacker could...

CVSS 7.4 · AI score 6.8 · EPSS 0.01156
Exploits 1 · References 8
Veracode
added 2023/03/16 12:15 p.m.

Cross-site Scripting (XSS)

pimcore/pimcore is vulnerable to Cross-site Scripting (XSS). The vulnerability exists in the SEO and Settings feature because it does not properly validate HTML tags, which allows attackers to inject and execute malicious JavaScript in the browser...

AI score 2.3
Exploits 0 · References 4 · Affected Software 1
Veracode
added 2023/02/10 6:33 a.m.

Cross-site Scripting (XSS)

backdrop/backdrop is vulnerable to Cross-Site Scripting (XSS). The vulnerability exists due to the lack of validation of HTML elements when adding a post, which allows an admin-authenticated attacker to inject and execute malicious JavaScript when a user views the post...

CVSS 4.8 · AI score 5.1 · EPSS 0.02429
Exploits 1 · References 4 · Affected Software 1
Positive Technologies
added 2022/11/25 12:00 a.m.

PT-2022-27053 · Unknown · Browsershot

Name of the Vulnerable Software and Affected Versions: Browsershot version 3.57.2 Description: The issue allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate that the HTML content passed to the Browsershot::html method do...

CVSS 8.2 · AI score 8 · EPSS 0.00394
Exploits 1 · References 8
OSV
added 2020/02/11 3:15 p.m.

CVE-2020-6413

Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass HTML validators via a crafted HTML page...

CVSS 8.8 · AI score 8
Exploits 0 · References 9
WPVulnDB
added 2020/01/13 12:00 a.m.

Computer Repair Shop < 2.0 - Authenticated Stored XSS

Computer Repair Shop is vulnerable to stored XSS. When a user has admin capabilities, malicious code can be submitted through the plugin's options. Fixed in version 2.0. PoC: The plugin's options provided a basic HTML validation, which could be bypassed by copying + pasting malicious code into the...

AI score 0.4
Exploits 0 · References 1 · Affected Software 1
wpexploit
added 2020/01/13 12:00 a.m.

Computer Repair Shop < 2.0 - Authenticated Stored XSS

Computer Repair Shop is vulnerable to stored XSS. When a user has admin capabilities, malicious code can be submitted through the plugin's options. Fixed in version 2.0. The plugin's options provided a basic HTML validation, which could be bypassed by copying + pasting malicious code into the...

AI score 0.6
Exploits 0 · References 1
NVD
added 2017/07/06 11:29 a.m.

CVE-2017-10970

Cross-site scripting (XSS) vulnerability in link.php in Cacti 1.1.12 allows remote anonymous users to inject arbitrary web script or HTML via the id parameter, related to the die_html_input_error function in lib/html_validate.php...

CVSS 5.4 · AI score 5.3 · EPSS 0.00192
Exploits 0 · References 2
Node.js
added 2016/10/27 4:37 p.m.

Cross-Site Scripting

Overview: Affected versions of sanitize-html are vulnerable to cross-site scripting. Proof of Concept: produces the following: This is definitely invalid HTML, but would suggest that it's being interpreted incorrectly by the parser. Recommendation: Update to version 1.2.3 or later. References - Iss...

CVSS 4.3 · AI score 2.3 · EPSS 0.00264
Exploits 1 · Affected Software 1
OpenVAS
added 2008/08/22 12:00 a.m.

Outlook Web Access for Exchange Server Elevation of Privilege (953747)

This host is missing a critical security update according to Microsoft Bulletin MS08-039. OpenVAS Vulnerability Test $Id: secpodms08-039900007.nasl 8725 2018-02-08 15:16:38Z cfischer $ Description: Outlook Web Access for Exchange Server Elevation of Privilege (953747) Authors: Chandan S Copyright:...

CVSS 4.3 · AI score 0.9 · EPSS 0.24335
Exploits 2 · References 3