Lucene search

893 matches found

The Hacker News
added 2018/05/12 6:45 a.m., 2 views

Severe Bug Discovered in Signal Messaging App for Windows and Linux

Security researchers have discovered a severe vulnerability in the popular end-to-end encrypted Signal messaging app for Windows and Linux desktops which could allow remote attackers to execute malicious code on a recipient's system just by sending a message—without requiring any user interaction...

7.5 AI score
Exploits: 0

0day.today
added 2018/01/14 12:0 a.m., 57 views

Zimbra Collaboration Suite Cross Site Scripting Vulnerability

Exploit for php platform in category web applications COMPASS SECURITY ADVISORY https://www.compass-security.com CVE ID : CVE-2017-8802 Product: Zimbra Collaboration Suite ZCS 1 Vendor: Synacor Inc. 2 Subject: Stored Cross-Site Scripting XSS Vulnerability Risk: High Effect: Exploitable by Anonymo...

3.5 CVSS, 5.9 AI score, 0.01264 EPSS
Exploits: 2

Hacker One
added 2017/11/10 11:6 p.m., 10 views

RubyGems: [gem server] Stored XSS via crafted JavaScript URL inclusion in Gemspec

Hi, A JavaScript URL injection in the homepage field within a Gemspec file can be leveraged to achieve stored XSS on the default gem server web interface, referenced here. When you install RubyGems, it adds the gem server command to your system. This is the fastest way to start hosting gems. As...

6.6 AI score
Exploits: 0

Hacker One
added 2017/05/20 5:20 p.m., 21 views

Concrete CMS: Stored XSS in Headline TextControl element in Express forms [ concrete5 8.1.0 ]

Intro Luke, I am your Crayons! Type of issue: Core CMS issue Level of severity: Internal Attack Vector Concrete5 version: 8.1.0 Summary There is Stored XSS vulnerability in Headline element of TextControl Express element. This vulnerability allows malicious user to embed JavaScript code and execu...

6.5 AI score
Exploits: 0

Hacker One
added 2017/01/24 7:48 a.m., 56 views

GitLab: [RDoc] XSS in project README files

Hi, While experimenting with parser bypass techniques, I discovered that RDoc markup could be used to inject a stored JavaScript payload into a project README.rdoc file. Please note that this issue is separate to my earlier report 200565 XSS with AsciiDoc markup, marked as duplicate. Steps to...

6.5 AI score
Exploits: 0

Packet Storm
added 2016/11/20 12:0 a.m., 45 views

WordPress Canvas - Shortcodes 1.92 Cross Site Scripting

------------------------------------------------------------------------ Stored Cross-Site Scripting in WP Canvas - Shortcodes WordPress Plugin ------------------------------------------------------------------------ Yorick Koster, July 2016...

0.3 AI score
Exploits: 0

Hacker One
added 2016/11/14 9:7 p.m., 41 views

PortSwigger Web Security: XSS in IE11 on portswigger.net via Flash

Hello Portswigger Security Team, There is a reflective XSS vulnerability in portswigger.net. The flash file https://portswigger.net/burp/tutorials/video-js/video-js.swf is from an old video.js library version 3.2.0 which is vulnerable to XSS. This XSS will be blocked by CSP instruction object-src...

0.4 AI score
Exploits: 0

RedHat Linux
added 2016/10/17 8:42 a.m., 3 views

chromium-browser: universal xss in bookmarks

Bookmark handling in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation of supplied data, which allowed a remote attacker to inject arbitrary scripts or HTML UXSS via crafted HTML pages, as demonstrated by an interpretation confli...

6.1 CVSS, 7.5 AI score, 0.01759 EPSS
Exploits: 0, References: 5

Hacker One
added 2016/04/22 5:38 p.m., 22 views

Concrete CMS: ProBlog 2.6.6 CSRF Exploit

Report Because the ProBlogs plugin did not validate the anti-csrf token on a POST request. A victim who is logged in could be fooled into clicking a malicious form styled to look like a link, image, etc which would create a page in their C5 website. Because the ProBlogs plugin does not validate t...

6.5 AI score
Exploits: 0

Packet Storm
added 2016/04/18 12:0 a.m., 21 views

WordPress Kento Post View Counter 2.8 CSRF / Cross Site Scripting

I would like to disclose CSRF and stored XSS vulnerability in Kento post view counter plugin version 2.8 . The vulnerable Fields for XSS are kentopvcnumberslang kentopvctodaytext kentopvctotaltext The combination of CSRF and XSS in this plugin can lead to huge damage of the website, as the two...

Exploits: 0

Hacker One
added 2016/03/31 3:45 p.m., 31 views

X (Formerly Twitter): XSS using javascript:alert(8007)

I want to report an XSS bug. On apps.twitter.com I logged in and started a new app. In the new app there is a field: website: where the user has to give the website of the app. I just put the javascript:alert8007 payload and a popup appears...

6.7 AI score
Exploits: 0

Source Incite
added 2016/02/25 12:0 a.m., 21 views

SRC-2016-0002 : ATutor LMS Multiple Reflected Cross Site Scripting Vulnerabilities

Vulnerability Details: A total of 704 reflected Cross Site Scripting XSS vulnerabilities were found that can allow remote attackers to inject arbitrary web script or html via unspecified parameters against vulnerable installations of ATutor. User interaction is required to exploit this...

7.1 AI score
Exploits: 0

wpexploit
added 2015/07/27 12:0 a.m., 11 views

Hide My WP <= 4.51.1 - Stored Cross-Site Scripting (XSS)

An attacker can make a fake attack attempt, with a JavaScripting payload, which will be logged by the plugin, resulting in XSS. The attacker also can spoof their IP address in the logs by setting the X-FORWARDED-FOR header. curl --referer ' // :; ;' --header 'X-FORWARDED-FOR: 8.8.8.8'...

0.1 AI score
Exploits: 0, References: 1

Packet Storm
added 2015/05/03 12:0 a.m., 60 views

Epicor Retail Store Help System 3.2.03.01.008 Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Title: Code Injection in Epicor Retail Store Help System CVE: CVE-2015-2210 Vendor: Epicor Product: CRS Retail Store v3.2.03.01.008 Affected version: 3.2.03.01.008 Reported by: Zeng Xianbo Joseph [email protected] Issue identified by: Zeng...

7.7 AI score, 0.00632 EPSS
Exploits: 1

Atlassian
added 2014/08/06 11:30 p.m., 20 views

Stored XSS Vulnerability found on Atlassian

Hi! My name is Andi Rrahmani and I am an Independent Security Researcher. I am writing this email to let you know of a Stored XSS Vulnerability that I found on atlassian.com. You will have the POC as an attachment to this report that I am making. Now I will show you in detail how I managed to...

5.9 AI score
Exploits: 0, Affected Software: 1

Atlassian
added 2014/08/06 11:30 p.m., 20 views

Stored XSS Vulnerability found on Atlassian

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-47027. panel Hi! I am writing this email to let you know of a Stored XSS Vulnerability that I found on atlassian.com. You will...

5.9 AI score
Exploits: 0, Affected Software: 1

seebug.org
added 2014/07/01 12:0 a.m., 33 views

Wordpress Zingiri Web Shop Plugin <= 2.4.2 Persistent XSS

No description provided by source. Wordpress Zingiri Web Shop Plugin = 2.4.2 Stored XSS Exploit Title: Wordpress Zingiri Web Shop Plugin = 2.4.0 Stored XSS Google Dork: Date: 30 Apr 2012 Author: Mehmet Ince Twitter: https://twitter.com/!/mmetince Company: Bilgi Guvenligi Akademisi www.bga.com.tr...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 26 views

XWiki 4.2-milestone-2 Multiple Stored XSS Vulnerabilities

No description provided by source. Exploit Title: Multiple Stored XSS Vulnerabilities in XWiki. Date: 26/08/2012 Exploit Author: Shai rod @NightRang3r Vendor Homepage: http://www.xwiki.org Software Link: http://enterprise.xwiki.org/xwiki/bin/view/Main/Download Version: 4.2-milestone-2 Gr33Tz:...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 29 views

WordPress Count per Day Plugin 3.2.5 (counter.php) - XSS Vulnerability

No description provided by source. !/usr/bin/ruby Exploit Title: WordPress Count per Day 3.2.5 CSRF Google Dork: inurl:/wp-content/plugins/count-per-day Date: 18.03.2013 Exploit Author: m3tamantra http://m3tamantra.wordpress.com/blog Vendor Homepage:...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 18 views

businesswiki 2.5rc3 - Stored XSS & arbitrary file upload

No description provided by source. !/usr/bin/python ''' Exploit Title: Stored XSS & Arbitrary File Upload Vulnerabilities in BusinessWiki. Date: 23/08/2012 Exploit Author: Shai rod @NightRang3r Vendor Homepage: http://onbusinesswiki.com/ Software Link:...

7.1 AI score
Exploits: 0