
893 matches found

Github Security Blog
added 2022/11/21 11:59 p.m. · 49 views

Stored XSS using uppercase characters in HTMLEditor

A malicious content author could add a Javascript payload to the href attribute of a link. A similar issue was identified and fixed via CVE-2022-28803. However, the fix didn't account for the casing of the href attribute. An attacker must have access to the CMS to exploit this issue...

5.4 CVSS · 5.4 AI score · 0.00516 EPSS
Exploits 0 · References 7 · Affected Software 1
OSV
added 2022/11/21 11:59 p.m. · 22 views

GHSA-QW4W-VQ8V-2WCV Stored XSS using uppercase characters in HTMLEditor

A malicious content author could add a Javascript payload to the href attribute of a link. A similar issue was identified and fixed via CVE-2022-28803. However, the fix didn't account for the casing of the href attribute. An attacker must have access to the CMS to exploit this issue...

5.4 CVSS · 5.2 AI score · 0.00516 EPSS
Exploits 0 · References 6
Github Security Blog
added 2022/11/21 11:59 p.m. · 44 views

Silverstripe CMS Stored XSS in custom meta tags

A malicious content author could create a custom meta tag and execute an arbitrary JavaScript payload. This would require convincing a legitimate user to access a page and enter a custom keyboard shortcut. This requires CMS access to exploit...

5.4 CVSS · 5.8 AI score · 0.00529 EPSS
Exploits 0 · References 7 · Affected Software 1
OSV
added 2022/11/21 11:59 p.m. · 28 views

GHSA-PP74-G2Q5-J4JF Silverstripe CMS Stored XSS in custom meta tags

A malicious content author could create a custom meta tag and execute an arbitrary JavaScript payload. This would require convincing a legitimate user to access a page and enter a custom keyboard shortcut. This requires CMS access to exploit...

5.4 CVSS · 5.4 AI score · 0.00529 EPSS
Exploits 0 · References 6
Github Security Blog
added 2022/11/21 11:58 p.m. · 54 views

XSS via uploaded gpx file

A malicious content author could upload a GPX file with a Javascript payload. The payload could then be executed by luring a legitimate user to view the file in a browser with support for GPX files. GPX is an XML-based format used to store GPS data. By default, Silverstripe CMS will no longer all...

5.4 CVSS · 5.5 AI score · 0.00516 EPSS
Exploits 0 · References 7 · Affected Software 1
OSV
added 2022/11/21 11:58 p.m. · 24 views

GHSA-VV3R-FXQP-VR3F XSS via uploaded gpx file

A malicious content author could upload a GPX file with a Javascript payload. The payload could then be executed by luring a legitimate user to view the file in a browser with support for GPX files. GPX is an XML-based format used to store GPS data. By default, Silverstripe CMS will no longer all...

5.4 CVSS · 5.2 AI score · 0.00516 EPSS
Exploits 0 · References 6
Positive Technologies
added 2022/11/21 12:00 a.m. · 3 views

PT-2022-23986 · Silverstripe · Silverstripe Cms

Name of the Vulnerable Software and Affected Versions: Silverstripe silverstripe/cms versions 4.11.0 and earlier Description: The issue allows for XSS Cross-Site Scripting attacks. A malicious content author could create a custom meta tag and execute an arbitrary JavaScript payload. This would...

5.4 CVSS · 5.2 AI score · 0.00529 EPSS
Exploits 0 · References 12
WPVulnDB
added 2022/11/16 12:00 a.m. · 15 views

Easy Form Builder < 3.4.0 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in multisite setup. PoC 1. Navigate to New Form » go to the Settings...

4.8 CVSS · 0.5 AI score · 0.00392 EPSS
Exploits 1 · Affected Software 1
Veracode
added 2022/11/02 2:13 a.m. · 29 views

Cross-site Scripting (XSS)

spark-core_2.12 is vulnerable to cross-site scripting. The vulnerability exists because the loadMore function of log-view.js does not properly escape the log content rendered in UI, allowing an attacker to inject and execute a malicious JavaScript payload into the logs...

5.4 CVSS · 5.7 AI score · 0.01473 EPSS
Exploits 0 · References 6 · Affected Software 1
Veracode
added 2022/10/07 1:50 a.m. · 27 views

Cross-site Scripting (XSS)

Zinc is vulnerable to cross-site scripting. The vulnerability exists due to the delete template functionality in User.vue incorrectly escaping the id attribute before being rendered, allowing an attacker to inject and execute a malicious JavaScript payload...

5.4 AI score · 0.00565 EPSS
Exploits 0 · References 4 · Affected Software 1
Veracode
added 2022/10/07 1:36 a.m. · 24 views

Cross-site Scripting (XSS)

Zinc is vulnerable to cross-site scripting. The vulnerability exists because the delete template functionality in Template.vue incorrectly escapes the name attribute before being rendered, allowing an attacker to inject and execute a malicious JavaScript payload...

5.4 AI score · 0.00565 EPSS
Exploits 0 · References 4 · Affected Software 1
Prion
added 2022/10/06 6:16 p.m. · 17 views

Cross site scripting

In Zinc, versions v0.1.9 through v0.3.1 are vulnerable to Stored Cross-Site Scripting when using the delete user functionality. When an authenticated user deletes a user having a XSS payload in the user id field, the javascript payload will be executed and allow an attacker to access the user’s...

5.3 AI score · 0.00565 EPSS
Exploits 0 · References 2 · Affected Software 1
Cvelist
added 2022/10/06 5:13 p.m. · 30 views

CVE-2022-32172 Zinc - Cross-Site Scripting

In Zinc, versions v0.1.9 through v0.3.1 are vulnerable to Stored Cross-Site Scripting when using the delete template functionality. When an authenticated user deletes a template with a XSS payload in the name field, the Javascript payload will be executed and allow an attacker to access the user’...

5.3 AI score · 0.00565 EPSS
Exploits 0 · References 2
NVD
added 2022/09/27 11:15 p.m. · 17 views

CVE-2022-37028

ISAMS 22.2.3.2 is prone to stored Cross-site Scripting XSS attack on the title field for groups, allowing an attacker to store a JavaScript payload that will be executed when another user uses the application...

5.4 CVSS · 0.00448 EPSS
Exploits 0 · References 3
Prion
added 2022/09/27 11:15 p.m. · 22 views

Cross site scripting

ISAMS 22.2.3.2 is prone to stored Cross-site Scripting XSS attack on the title field for groups, allowing an attacker to store a JavaScript payload that will be executed when another user uses the application...

4.9 CVSS · 5.2 AI score · 0.00448 EPSS
Exploits 0 · References 2 · Affected Software 1
Vulnrichment
added 2022/09/27 5:19 p.m. · 5 views

CVE-2022-37028

ISAMS 22.2.3.2 is prone to stored Cross-site Scripting XSS attack on the title field for groups, allowing an attacker to store a JavaScript payload that will be executed when another user uses the application...

5.2 AI score · 0.00448 EPSS
Exploits 0 · References 3
Cvelist
added 2022/09/27 5:19 p.m. · 24 views

CVE-2022-37028

ISAMS 22.2.3.2 is prone to stored Cross-site Scripting XSS attack on the title field for groups, allowing an attacker to store a JavaScript payload that will be executed when another user uses the application...

5.4 AI score · 0.00448 EPSS
Exploits 0 · References 3
Hacker One
added 2022/09/07 7:32 p.m. · 86 views

TikTok: Stored XSS in the ticketing system

A Stored Cross-Site Scripting XSS vulnerability was found on a TikTok Seller endpoint, which could have resulted in a JavaScript payload injected into the endpoint causing it to be executed within the context of the victim's browser. We thank @codeslayer137 for reporting this to our team...

1.7 AI score
Exploits 0
Hacker One
added 2022/08/29 8:28 a.m. · 36 views

TikTok: XSS at TikTok Ads Endpoint

Vulnerability description not provided...

7.1 AI score
Exploits 0
RedhatCVE
added 2022/08/01 5:39 a.m. · 47 views

CVE-2022-34911

An issue was discovered in MediaWiki before 1.35.7, 1.36.x and 1.37.x before 1.37.3, and 1.38.x before 1.38.1. XSS can occur in configurations that allow a JavaScript payload in a username. After account creation, when it sets the page title to "Welcome" followed by the username, the username is...

6.1 CVSS · 1.5 AI score · 0.00858 EPSS
Exploits 0 · References 3