Acronis: XSS on https://partners.acronis.com/

Hello, I found DOM XSS on login page of https://partners.acronis.com/ Open this URL https://partners.acronis.com/en-us/profile/login.html?-back=test123" and search for var back =. Here input is HTML encoded but from that reflected value, element is created and appended to the form. F983552 We can...

Adobe Experience Manager (AEM) Stored Cross-Site Scripting Vulnerability

Adobe Experience Manager is an enterprise content management solution that helps you streamline the management and delivery of your content and assets. A stored cross-site scripting vulnerability exists in Adobe Experience Manager AEM. An attacker can exploit this vulnerability to execute arbitra...

Adobe Experience Manager (AEM) Cross-Site Scripting Vulnerability (CNVD-2020-51769)

Adobe Experience Manager is an enterprise content management solution that helps you simplify the management and delivery of your content and assets. A cross-site scripting vulnerability exists in Adobe Experience Manager AEM. An attacker can exploit this vulnerability to execute arbitrary...

Adobe Experience Manager (AEM) stored cross-site scripting vulnerability (CNVD-2020-52152)

Adobe Experience Manager is an enterprise content management solution that helps you streamline the management and delivery of your content and assets. A stored cross-site scripting vulnerability exists in Adobe Experience Manager AEM. An attacker can exploit this vulnerability to execute arbitra...

Adobe Experience Manager (AEM) Forms stored cross-site scripting vulnerability (CNVD-2020-52155)

Adobe Experience Manager AEM Forms is an enterprise document and forms platform that lets you capture and process information, deliver personalized communications, and protect and track sensitive information. A stored cross-site scripting vulnerability exists in Adobe Experience Manager AEM Forms...

Critical Adobe Flaws Allow Attackers to Run JavaScript in Browsers

UPDATE Adobe has released fixes addressing five critical flaws in its popular Experience Manager content-management solution for building websites, mobile apps and forms. The cross-site scripting XSS flaws could allow attackers to execute JavaScript in targets’ browsers. Including Adobe Experienc...

APSB20-56 Security update available for Adobe Experience Manager

Adobe has released updates for Adobe Experience Manager AEM and the AEM Forms add-on package. These updates resolve vulnerabilities rated Critical and Important. Successful exploitation of these vulnerabilities could result in arbitrary JavaScript execution in the browser...

Brave Software: Arbitrary file download due to bad handling of Redirects in WebTorrent

Summary: Previously I reported 963155 how an attacker can trick user into downloading malicious files using ".save torrent" feature, In this report I am going to reproduce the same behavior but by abusing a different feature. Description While I was testing webtorrent on brave I noticed that...

GHSA-25V4-MCX4-HH35 Cross-Site Scripting in atlasboard-atlassian-package

All versions of atlasboard-atlassian-package prior to 0.4.2 are vulnerable to Cross-Site Scripting XSS. The package fails to properly sanitize user input that is rendered as HTML, which may allow attackers to execute arbitrary JavaScript in a victim's browser. This requires attackers being able t...

Cross-Site Scripting in takeapeek

All versions of takeapeek are vulnerable to Cross-Site Scripting XSS. The package fails to sanitize filenames, allowing attackers to execute arbitrary JavaScript in the victim's browser through files with names containing malicious code. Recommendation No fix is currently available. Consider usin...

GHSA-V9WP-8R97-V6XG Cross-Site Scripting in jquery.json-viewer

Versions of jquery.json-viewer prior to 1.3.0 are vulnerable to Cross-Site Scripting XSS. The package insufficiently sanitizes user input when creating links, and concatenates the user input in an tag. This allows attackers to create malicious links with JSON payloads such as: "foo":...

GHSA-G7MW-5CQ6-FV82 Cross-Site Scripting in wangeditor

All versions of wangeditor are vulnerable to Cross-Site Scripting. The package fails to properly encode output, allowing arbitrary JavaScript to be inserted in links and executed by browsers. Recommendation No fix is currently available. Consider using an alternative module until a fix is made...

Arbitrary JavaScript Execution in typed-function

Versions of typed-function prior to 0.10.6 are vulnerable to Arbitrary JavaScript Execution. Function names are not properly sanitized and may allow an attacker to execute arbitrary code. Recommendation Upgrade to version 0.10.6 or later...

GHSA-3QH4-R86R-GRVM Arbitrary JavaScript Execution in typed-function

Versions of typed-function prior to 0.10.6 are vulnerable to Arbitrary JavaScript Execution. Function names are not properly sanitized and may allow an attacker to execute arbitrary code. Recommendation Upgrade to version 0.10.6 or later...

GHSA-49RV-G7W5-M8XX Cross-Site Scripting in @novnc/novnc

Versions of @novnc/novnc prior to 0.6.2 are vulnerable to Cross-Site Scripting XSS. The package fails to validate input from the remote VNC server such as the VNC server name. This allows an attacker in control of the remote server to execute arbitrary JavaScript in the noVNC web page. It affects...

CVE-2020-19007

Halo blog 1.2.0 allows users to submit comments on blog posts via /api/content/posts/comments. The javascript code supplied by the attacker will then execute in the victim user's browser...

Brave Software: Arbitrary file download via "Save .torrent file" option can lead to Client RCE and XSS

Summary: An attacker can use the "Save .torrent file" option in WebTorrent to smuggle malicious files onto the client's machine. Description Brave allows users to download the ".torrent" via WebTorrent. WebTorrent decides whether a file is torrent or not based on the following headers...

Cross-site scripting vulnerability in TinyMCE

Impact A cross-site scripting XSS vulnerability was discovered in the core parser. The vulnerability allowed arbitrary JavaScript execution when inserting a specially crafted piece of content into the editor via the clipboard or APIs. This impacts all users who are using TinyMCE 4.9.10 or lower a...

BugPoC: XSS Challenge #2 Solution

Summary: An attacker can achieve arbitrary JavaScript execution in the context of the user's session on calc.buggywebsite.com. This is possible due to a weak origin check in the message event handler in http://calc.buggywebsite.com/frame.js as well as improper handling of the message data, allowi...

Design/Logic Flaw

In Mahara 19.04 before 19.04.6, 19.10 before 19.10.4, and 20.04 before 20.04.1, certain places could execute file or folder names containing JavaScript...