5752 matches found

Positive Technologies
added 2023/05/09 12:00 a.m. · 3 views

PT-2023-22947 · Sap · Sapui5

Name of the Vulnerable Software and Affected Versions: SAPUI5 versions SAP UI 750, SAP UI 754, SAP UI 755, SAP UI 756, SAP UI 757, UI 700 200. Description: The issue arises from improper neutralization of input in SAPUI5, allowing the injection of untrusted CSS through the sap.m.FormattedText SAPU...

CVSS 7.1 · AI score 6.2 · EPSS 0.00438
Exploits: 0 · References: 6
OpenVAS
added 2023/05/09 12:00 a.m. · 25 views

Gitea < 1.19.3 Multiple golang Vulnerabilities

Gitea is prone to multiple vulnerabilities in golang. SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from referenced sources and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:gitea:gitea"; ifdescription...

CVSS 9.8 · AI score 9.1 · EPSS 0.01548
Exploits: 0 · References: 1
OSV
added 2023/05/08 2:31 p.m. · 10 views

SUSE-SU-2023:2127-1 Security update for go1.19

This update for go1.19 fixes the following issues: Update to 1.19.9 (bnc#1200441): - CVE-2023-24539: fixed an improper sanitization of CSS values (bnc#1211029). - CVE-2023-24540: fixed an improper handling of JavaScript whitespace (bnc#1211030). - CVE-2023-29400: fixed an improper handling of empty HTML...

CVSS 9.8 · AI score 8.5 · EPSS 0.02281
Exploits: 0 · References: 19
Openbugbounty
added 2023/05/08 11:19 a.m. · 5 views

jeansgreens.com Cross Site Scripting vulnerability OBB-3308046

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.1
Exploits: 0
RedhatCVE
added 2023/05/08 9:22 a.m. · 41 views

CVE-2023-24539

A flaw was found in golang where angle brackets were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in the CSS context unexpectedly closing, allowing for the injection of unexpected HTML if...

CVSS 7.3 · AI score 8.4 · EPSS 0.01037
Exploits: 0 · References: 5
OSV
added 2023/05/05 9:10 p.m. · 35 views

GO-2023-1751 Improper sanitization of CSS values in html/template

Angle brackets are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character can result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input...

CVSS 7.3 · AI score 8.8 · EPSS 0.01037
Exploits: 0 · References: 3
Snyk
added 2023/05/05 9:10 p.m. · 5 views

Cross-site Scripting (XSS)

Overview: std/html/template is a Go standard library package. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). Go Vulnerability Report: Angle brackets are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple...

CVSS 7.3 · AI score 5.8 · EPSS 0.01037
Exploits: 0 · References: 3
OSV
added 2023/05/05 6:34 a.m. · 12 views

SUSE-SU-2023:2105-1 Security update for go1.20

This update for go1.20 fixes the following issues: Update to 1.20.4 (bnc#1206346): - CVE-2023-24539: Fixed an improper sanitization of CSS values (boo#1211029). - CVE-2023-24540: Fixed an improper handling of JavaScript whitespace (boo#1211030). - CVE-2023-29400: Fixed an improper handling of empty HTML...

CVSS 9.8 · AI score 8.7 · EPSS 0.02281
Exploits: 0 · References: 18
Tenable Nessus
added 2023/05/05 12:00 a.m. · 41 views

Golang < 1.19.9 / 1.20.x < 1.20.4 Multiple Vulnerabilities

The version of Golang Go installed on the remote host is affected by multiple vulnerabilities in the html/template component: - Angle brackets are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in...

CVSS 9.8 · AI score 6.8 · EPSS 0.01548
Exploits: 0 · References: 6
SUSE CVE
added 2023/05/03 2:29 a.m. · 5 views

SUSE CVE-2023-24539

Angle brackets are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character can result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input...

CVSS 7.3 · AI score 6.7 · EPSS 0.01037
Exploits: 0 · References: 9
Tenable Nessus
added 2023/05/03 12:00 a.m. · 36 views

Debian DSA-5397-1 : wpewebkit - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5397 advisory. - Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVSS 8.8 · AI score 8.4 · EPSS 0.27076
Exploits: 1 · References: 13
Github Security Blog
added 2023/04/27 11:10 p.m. · 37 views

Arbitrary File Read in Admin JS CSS files

Impact: It was observed that the /admin/misc/script-proxy API endpoint is accessible by an authenticated administrator user and is vulnerable to arbitrary JavaScript and CSS file read via the "scriptPath" and "scripts" parameters. The "scriptPath" parameter is not sanitized properly and is vulnerable to pa...

CVSS 4.9 · AI score 5.4 · EPSS 0.01
Exploits: 0 · References: 5 · Affected Software: 1
OSV
added 2023/04/27 11:10 p.m. · 35 views

GHSA-J5C3-R84F-9596 Arbitrary File Read in Admin JS CSS files

Impact: It was observed that the /admin/misc/script-proxy API endpoint is accessible by an authenticated administrator user and is vulnerable to arbitrary JavaScript and CSS file read via the "scriptPath" and "scripts" parameters. The "scriptPath" parameter is not sanitized properly and is vulnerable to pa...

CVSS 4.4 · AI score 4.6 · EPSS 0.01
Exploits: 0 · References: 5
NVD
added 2023/04/27 5:15 p.m. · 14 views

CVE-2023-30852

Pimcore is an open source data and experience management platform. Prior to version 10.5.21, the /admin/misc/script-proxy API endpoint that is accessible by an authenticated administrator user is vulnerable to arbitrary JavaScript and CSS file read via the scriptPath and scripts parameters. The...

CVSS 4.9 · AI score 4.6 · EPSS 0.01
Exploits: 0 · References: 3
OSV
added 2023/04/27 4:44 p.m. · 20 views

CVE-2023-30852 Pimcore Arbitrary File Read in Admin JS CSS files

Pimcore is an open source data and experience management platform. Prior to version 10.5.21, the /admin/misc/script-proxy API endpoint that is accessible by an authenticated administrator user is vulnerable to arbitrary JavaScript and CSS file read via the scriptPath and scripts parameters. The...

CVSS 4.4 · AI score 4.9 · EPSS 0.01
Exploits: 0 · References: 5
Cvelist
added 2023/04/27 4:44 p.m. · 15 views

CVE-2023-30852 Pimcore Arbitrary File Read in Admin JS CSS files

Pimcore is an open source data and experience management platform. Prior to version 10.5.21, the /admin/misc/script-proxy API endpoint that is accessible by an authenticated administrator user is vulnerable to arbitrary JavaScript and CSS file read via the scriptPath and scripts parameters. The...

CVSS 4.4 · AI score 5.2 · EPSS 0.01
Exploits: 0 · References: 3
Positive Technologies
added 2023/04/27 12:00 a.m. · 7 views

PT-2023-23008 · Pimcore · Pimcore

Name of the Vulnerable Software and Affected Versions: Pimcore versions prior to 10.5.21. Description: Pimcore is an open source data and experience management platform. The /admin/misc/script-proxy API endpoint, accessible by an authenticated administrator user, is vulnerable to arbitrary...

CVSS 4.9 · AI score 4.7 · EPSS 0.01
Exploits: 0 · References: 10
FreeBSD
added 2023/04/27 12:00 a.m. · 65 views

go -- multiple vulnerabilities

The Go project reports: crypto/tls: restrict RSA keys in certificates to <= 8192 bits. Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. Limit this by restricting the size of RSA keys transmitted during handshakes to <= 8192...

CVSS 9.8 · AI score 7.1 · EPSS 0.01837
Exploits: 0 · References: 4
wpexploit
added 2023/04/20 12:00 a.m. · 153 views

ActiveCampaign < 8.1.12 - Contributor+ Stored XSS

The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. As a contributor, add an "AC Forms" Gutenberg block to a...

CVSS 5.4 · AI score 7.8 · EPSS 0.00462
Exploits: 2
WPVulnDB
added 2023/04/18 12:00 a.m. · 38 views

YellowPencil Visual CSS Style Editor < 7.5.9 - Admin+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow users with a role of Admin to perform Cross-Site Scripting attacks...

CVSS 4.8 · AI score 6.1 · EPSS 0.00352
Exploits: 0 · Affected Software: 1