
wpexploit
added 2015/05/14 12:00 a.m., 26 views

Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scripting (XSS)

The jQuery prettyPhoto library bundled with many plugins was found to be vulnerable to DOM Cross-Site Scripting (XSS). http://www.example.com/prettyPhotogallery/1,/...

AI score 1.4
Exploits 0, References 3
seebug.org
added 2015/05/12 12:00 a.m., 68 views

WordPress example.html Cross-Site Scripting Vulnerability

Knownsec security research team, Evi1m0, 2015.5.7. Summary: WordPress was found to have a DOM XSS vulnerability affecting millions of sites. The vulnerability lies in the popular Genericons example.html page shipped with WordPress; the default Twenty Fifteen theme and the well-known Jetpack plugin both bundle this page. Analysis showed that example.html uses an old jQuery version that has a DOM XSS vulnerability. In 2011 dmethvin filed Ticket 9521 against jQuery 1.6.1; the root cause is that the CSS selector expected by $ | jQuery can, in other cases, be used to create HT...

AI score 6.3
Exploits 0
VulnCheck KEV
added 2015/05/09 12:00 a.m., 0 views

VulnCheck KEV: CVE-2018-9206

Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload = v9.22.0...

CVSS 9.8, AI score 7.4, EPSS 0.93778
Exploits 15, References 1
Drupal
added 2015/05/06 12:00 a.m., 21 views

Mobile sliding menu - Less Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-108

The mobile sliding menu module integrates the mmenu jQuery plugin for creating slick, app look-alike sliding menus for your mobile website. The module doesn't sufficiently sanitize user supplied text, thereby exposing a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fa...

CVSS 2.1, AI score 6, EPSS 0.00209
Exploits 0, References 11
WPVulnDB
added 2015/05/06 12:00 a.m., 30 views

Twenty Fifteen Theme <= 1.1 - DOM Cross-Site Scripting (XSS)

Genericons = 3.2 vulnerable to DOM XSS in the example.html file due to using outdated version of jQuery and vulnerable code. Vulnerable Code: permalink = "genericon-" + window.location.hash.split''1; cssclass = jQuery '.' + permalink .attr'class'; PoC...

CVSS 4.3, AI score 0.1, EPSS 0.01531
Exploits 3, References 3, Affected Software 1
WPVulnDB
added 2015/05/06 12:00 a.m., 10 views

Jetpack <= 3.5.2 - Unauthenticated DOM Cross-Site Scripting (XSS)

Genericons = 3.2 vulnerable to DOM XSS in the example.html file due to using outdated version of jQuery and vulnerable code. Vulnerable Code: permalink = "genericon-" + window.location.hash.split''1; cssclass = jQuery '.' + permalink .attr'class'; PoC...

AI score 0.7
Exploits 0, References 1, Affected Software 1
seebug.org
added 2015/03/30 12:00 a.m., 17 views

jQuery jui filter rules Plugin 1.0.4 /ajax_create_sql.dist.php Command Execution Vulnerability

No description provided by source...

AI score 7.1
Exploits 0
Tenable Nessus
added 2015/03/27 12:00 a.m., 43 views

Fedora 22 : dokuwiki-0-0.24.20140929c.fc22 (2015-3079)

This update fixes CVE-2015-2172 - There's a security hole in the ACL plugin's remote API component. The plugin fails to check for superuser permissions before executing ACL addition or deletion. This means everybody with permissions to call the XMLRPC API also has permissions to set up their own...

CVSS 6.5, AI score 6.1, EPSS 0.07046
Exploits 0, References 3
Tenable Nessus
added 2015/03/27 12:00 a.m., 55 views

Fedora 20 : dokuwiki-0-0.24.20140929c.fc20 (2015-3211)

This update fixes CVE-2015-2172 - There's a security hole in the ACL plugin's remote API component. The plugin fails to check for superuser permissions before executing ACL addition or deletion. This means everybody with permissions to call the XMLRPC API also has permissions to set up their own...

CVSS 6.5, AI score 6.1, EPSS 0.07046
Exploits 0, References 3
Tenable Nessus
added 2015/03/26 12:00 a.m., 33 views

Scientific Linux Security Update : ipa on SL7.x x86_64 (20150305)

Two cross-site scripting (XSS) flaws were found in jQuery, which impacted the Identity Management web administrative interface, and could allow an authenticated user to inject arbitrary HTML or web script into the interface. (CVE-2010-5312, CVE-2012-6662) Note: The IdM version provided by this update...

CVSS 6.1, AI score 6.6, EPSS 0.07046
Exploits 1, References 3
Tenable Nessus
added 2015/03/18 12:00 a.m., 45 views

CentOS 7 : ipa (CESA-2015:0442)

Updated ipa packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give...

CVSS 6.1, AI score 6.6, EPSS 0.07046
Exploits 1, References 3
RedHat Linux
added 2015/03/05 9:50 a.m., 3 views

jquery-ui: XSS vulnerability in default content in Tooltip widget

Cross-site scripting (XSS) vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo...

CVSS 4.3, AI score 5.9, EPSS 0.07046
Exploits 0, References 4
RedHat Linux
added 2015/03/05 9:50 a.m., 1 view

jquery-ui: XSS vulnerability in jQuery.ui.dialog title option

Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option...

CVSS 6.1, AI score 7.5, EPSS 0.05931
Exploits 1, References 4
Hacker One
added 2015/03/03 6:42 p.m., 32 views

Ruby on Rails: rails-ujs will send CSRF tokens to other origins

I reported this via email a few months ago. Here was my initial email: Hello, I've been playing with getting Rails apps to send CSRF tokens to the wrong domains and I found a few problems. The main motivation for this is in attacking a site that uses Content Security Policy. With CSP enabled, an...

AI score 5.8
Exploits 0
Prion
added 2015/02/26 3:59 p.m., 12 views

Cross-site request forgery (CSRF)

Multiple cross-site request forgery (CSRF) vulnerabilities in the CrossSlide jQuery (crossslide-jquery-plugin-for-wordpress) plugin 2.0.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings or conduct cross-site scripting (XSS)...

CVSS 6.8, AI score 7, EPSS 0.00095
Exploits 1, References 2, Affected Software 1
CVE
added 2015/02/26 3:00 p.m., 51 views

CVE-2015-2089

CVE-2015-2089 concerns the CrossSlide jQuery plugin for WordPress (version 2.0.5 and earlier). The vulnerability arises from CSRF flaws in the plugin’s admin flow: parameters such as csj_width, csj_height, csj_sleep, csj_fade, and upload_image pass through the thisismyurl_csj.php page to wp-admin...

CVSS 6.8, AI score 6.8, EPSS 0.00095
Exploits 1, References 2, Affected Software 1
Exploit DB
added 2015/02/19 12:00 a.m., 45 views

jQuery - jui_filter_rules PHP Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 PHP Code Execution in juifilterrules Parsing Library ====================================================== Researcher: Timo Schmid Description =========== juifilterrules1 is a jQuery plugin which allows users to generate a ruleset which could be...

AI score 7
Exploits 0
0day.today
added 2015/02/18 12:00 a.m., 44 views

jQuery jui_filter_rules PHP Code Execution Vulnerability

The jQuery juifilterrules parsing library suffers from an arbitrary PHP remote code execution vulnerability. PHP Code Execution in juifilterrules Parsing Library ====================================================== Researcher: Timo Schmid Description =========== juifilterrules1 is a jQuery plug...

AI score 8.1
Exploits 0
Packet Storm
added 2015/02/09 12:00 a.m., 25 views

WordPress Cross Slide 2.0.5 Cross Site Request Forgery / Cross Site Scripting

Title: WordPress 'Cross Slide' plugin - XSS/CSRF Version: 2.0.5 Author: Morten Nørtoft, Kenneth Jepsen, Mikkel Vej Date: 2015/01/26 Download: https://wordpress.org/plugins/crossslide-jquery-plugin-for-wordpress/ Contacted WordPress: 2015/01/26...

AI score 7.4
Exploits 0
WPVulnDB
added 2015/02/09 12:00 a.m., 17 views

CrossSlide jQuery Plugin <= 2.0.5 - Stored XSS & CSRF

The crossslide-jquery-plugin-for-wordpress WordPress plugin was affected by a Stored XSS & CSRF security vulnerability...

CVSS 6.8, AI score 2.6, EPSS 0.00095
Exploits 1, References 1, Affected Software 1