17 matches found

Github Security Blog (added 2026/05/29 2:07 p.m., 7 views)

HaxCMS has a stored Cross-Site Scripting (XSS) bypass in its saveNode endpoint

Summary: HaxCMS is affected by a stored cross-site scripting (XSS) vulnerability in the /system/api/saveNode endpoint. An authenticated user with permission to edit pages can bypass the HTML sanitizer by injecting an event handler attribute with no whitespace before the attribute name. For example...

CVSS 8.7 | AI score 5.8 | EPSS 0.00033
Exploits: 0 | References: 2 | Affected software: 1

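The HaxCMS entry above is cut off before its example. The block below is an added illustration of the class of bypass it describes, not code from HaxCMS or its sanitizer: a regex-based handler stripper that only recognises `on*` attributes preceded by whitespace, beside a small model of the HTML spec's start-tag tokenizer that shows why `<svg/onload=...>` and `<img src="x"onerror=...>` still produce an event handler attribute. The payload forms are standard illustrations and are assumptions, not necessarily the one the advisory gives.

```javascript
// Added example (not HaxCMS code or its sanitizer). It contrasts a regex-based
// event-handler stripper with a small model of the HTML spec's start-tag
// tokenizer, to show why "no whitespace before the attribute name" bypasses
// the regex: the tokenizer also accepts '/' and the closing quote of the
// previous value as attribute separators.

// Naive sanitizer: removes on* handlers only when preceded by whitespace.
function naiveStripHandlers(html) {
  return html.replace(/\s+on\w+\s*=\s*("[^"]*"|'[^']*'|[^\s>]*)/gi, "");
}

// Model of the HTML tokenizer's start-tag states (tag name, before attribute
// name, attribute name, attribute value quoted/unquoted). Returns
// { name, attrs: [[attrName, attrValue], ...] } or null if not a start tag.
// Simplification: no comments, doctypes, character references or namespaces.
function tokenizeStartTag(tag) {
  if (tag[0] !== "<") return null;
  const n = tag.length;
  const isWs = (c) => c === " " || c === "\t" || c === "\n" || c === "\f";
  let i = 1;
  let name = "";
  while (i < n && !isWs(tag[i]) && tag[i] !== "/" && tag[i] !== ">") {
    name += tag[i++].toLowerCase();
  }
  const attrs = [];
  while (i < n) {
    const c = tag[i];
    // "before attribute name": whitespace and '/' are both skipped, which is
    // why <svg/onload=...> and <img src="x"onerror=...> yield an on* attribute.
    if (isWs(c) || c === "/") { i++; continue; }
    if (c === ">") break;
    let attrName = "";
    while (i < n && !isWs(tag[i]) && tag[i] !== "/" && tag[i] !== "=" && tag[i] !== ">") {
      attrName += tag[i++].toLowerCase();
    }
    while (i < n && isWs(tag[i])) i++;            // "after attribute name"
    let attrValue = "";
    if (tag[i] === "=") {
      i++;
      while (i < n && isWs(tag[i])) i++;          // "before attribute value"
      const q = tag[i];
      if (q === '"' || q === "'") {
        i++;
        while (i < n && tag[i] !== q) attrValue += tag[i++];
        i++;  // past the closing quote: the very next char may start a new attribute
      } else {
        // An unquoted value runs to whitespace or '>', so '/' stays inside it:
        // <img src=x/onerror=...> does NOT produce an onerror attribute.
        while (i < n && !isWs(tag[i]) && tag[i] !== ">") attrValue += tag[i++];
      }
    }
    attrs.push([attrName, attrValue]);
  }
  return { name, attrs };
}

// Hardened check: decide on tokenized attribute names, not on the raw string,
// and reject the whole tag rather than trying to strip pieces out of it.
function hasEventHandler(tag) {
  const t = tokenizeStartTag(tag);
  return t !== null && t.attrs.some(([attrName]) => attrName.startsWith("on"));
}
```

The practical lesson is that any sanitizer which reasons about attributes with string patterns will disagree with the browser's tokenizer somewhere; a production sanitizer should parse with a real HTML parser (DOMParser in the browser, or a library built on one) and allowlist attribute names from the parsed tree.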
Positive Technologies (added 2026/04/22 12:00 a.m., 2 views)

PT-2026-34299

Vulnerable software and affected versions: Bread & Butter versions prior to 8.2.0.26. Description: Stored cross-site scripting is possible via the 'breadbutter-customevent-button' shortcode. The customEventShortCodeButton function fails to apply proper input sanitization and output...

CVSS 6.4 | AI score 6 | EPSS 0.00014
Exploits: 0 | References: 9

NVD (added 2026/03/19 11:16 p.m., 1 view)

CVE-2026-29106

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Prior to versions 7.15.1 and 8.9.3, the value of the return_id request parameter is copied into the value of an HTML tag attribute which is an event handler and is encapsulated in double quotati...

CVSS 6.1 | EPSS 0.00046
Exploits: 0 | References: 2

Cvelist (added 2023/08/14 8:10 p.m., 9 views)

CVE-2023-40013 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in external-svg-loader

SVG Loader is a JavaScript library that fetches SVGs using XMLHttpRequests and injects the SVG code in the tag's place. According to the docs, svg-loader strips all JS code before injecting the SVG file for security reasons, but the input sanitization logic is not sufficient and can be trivial...

CVSS 7.1 | AI score 6.7 | EPSS 0.00159
Exploits: 0 | References: 4

Huntr (added 2022/11/03 8:16 p.m., 19 views)

XSS Stored inside help links onevent attribute

Description: Cross-site scripting (XSS) is a type of security vulnerability found in some web applications. XSS attacks enable attackers to inject client-side scripts into web pages viewed by other users. The persistent or stored XSS vulnerability is a more devastating variant of a...

AI score 0.1
Exploits: 0 | References: 1

OSV (added 2020/03/18 7:15 p.m., 0 views)

CVE-2019-12367

The BlueMail application through 1.9.5.36 for Android allows XSS via an event attribute and arbitrary file loading via a src attribute, if the application has the READ_EXTERNAL_STORAGE permission...

CVSS 6.1 | AI score 6.5
Exploits: 0 | References: 3

OSV (added 2020/03/18 7:15 p.m., 0 views)

CVE-2019-12370

The Spark application through 2.0.2 for Android allows XSS via an event attribute and arbitrary file loading via a src attribute, if the application has the READ_EXTERNAL_STORAGE permission...

CVSS 6.1 | AI score 6.5 | EPSS 0.00527
Exploits: 1 | References: 3

OSV (added 2020/03/18 7:15 p.m., 1 view)

CVE-2019-12368

The Edison Mail application through 1.7.1 for Android allows XSS via an event attribute and arbitrary file loading via a src attribute, if the application has the READ_EXTERNAL_STORAGE permission...

CVSS 6.1 | AI score 5.9
Exploits: 0 | References: 3

Prion (added 2020/03/18 7:15 p.m., 7 views)

Cross-site scripting

The Edison Mail application through 1.7.1 for Android allows XSS via an event attribute and arbitrary file loading via a src attribute, if the application has the READ_EXTERNAL_STORAGE permission...

CVSS 4.3 | AI score 6 | EPSS 0.00301
Exploits: 1 | References: 3 | Affected software: 1

Prion (added 2020/03/18 7:15 p.m., 7 views)

Cross-site scripting

The Spark application through 2.0.2 for Android allows XSS via an event attribute and arbitrary file loading via a src attribute, if the application has the READ_EXTERNAL_STORAGE permission...

CVSS 4.3 | AI score 6 | EPSS 0.00527
Exploits: 1 | References: 3 | Affected software: 1

Cvelist (added 2018/09/18 8:00 p.m., 14 views)

CVE-2017-6913

Cross-site scripting (XSS) vulnerability in the Open-Xchange webmail before 7.6.3-rev28 allows remote attackers to inject arbitrary web script or HTML via the event attribute in a time tag...

AI score 6.1 | EPSS 0.004
Exploits: 1 | References: 2

ATTACKERKB (added 2018/03/30 8:29 a.m., 1 view)

CVE-2018-9140

On Samsung mobile devices with M(6.0) software, the Email application allows XSS via an event attribute and arbitrary file loading via a src attribute, aka SVE-2017-10747...

CVSS 6.1 | AI score 5.5 | EPSS 0.0036
Exploits: 0 | References: 2

OSV (added 2018/03/30 8:29 a.m., 0 views)

CVE-2018-9140

On Samsung mobile devices with M(6.0) software, the Email application allows XSS via an event attribute and arbitrary file loading via a src attribute, aka SVE-2017-10747...

CVSS 6.1 | AI score 5.9 | EPSS 0.0036
Exploits: 0 | References: 1

Tenable Nessus (added 2017/03/31 12:00 a.m., 28 views)

Cross-Site Scripting (XSS) in event tag of HTML element

Client-side scripts are used extensively by modern web applications. They perform functions ranging from simple text formatting to full manipulation of client-side data and operating system interaction. Cross-site scripting (XSS) allows clients to inject scripts into a request and have th...

AI score 5.5
Exploits: 0 | References: 2

seebug.org (added 2014/08/26 12:00 a.m., 27 views)

PHPOK: two stored XSS vulnerabilities

Brief description: Front-end functionality contains stored XSS that can be used to attack the back end and obtain administrator privileges. Details: First XSS: the guestbook message feature. One of the back-end output points renders as follows (output not included in this excerpt). As can be seen, the title of our message is output directly inside an onclick event handler, so a simple payload such as '+alert(1)+' can be constructed; it fires when the administrator deletes the message (output not included in this excerpt). Second XSS: PHPOK's XSS filtering function is as follows: function safehtml($info) { if (!$info) return false; $tmp = "//isU"; $info = preg_replace($tmp, "", $info); //$info = ...

AI score 6.5
Exploits: 0

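The first PHPOK finding above is an injection into a JavaScript string literal inside an onclick attribute, where HTML-encoding the title alone is not the right fix. The block below is an added example, not PHPOK code: the markup, the `del` handler name and the sample titles are assumptions. It shows the `'+alert(1)+'` breakout, the correct two-layer encoding for that context (JavaScript string literal first, then HTML attribute encoding, because the browser decodes the attribute before compiling it), and a check that compiles the decoded handler with stubs to see whether the payload escaped the literal.

```javascript
// Added example, not PHPOK code. Markup, the del() handler and the sample
// titles are hypothetical. Demonstrates injection into a JS string inside an
// event handler attribute and the encoding that closes it.

function htmlAttrEncode(s) {
  return s.replace(/&/g, "&amp;").replace(/"/g, "&quot;").replace(/'/g, "&#39;")
          .replace(/</g, "&lt;").replace(/>/g, "&gt;");
}

// Vulnerable pattern: the title is concatenated straight into a JS string
// literal inside the onclick attribute.
function deleteLinkUnsafe(title) {
  return `<a href="#" onclick="del('${title}')">delete</a>`;
}

// Safe pattern: JSON.stringify yields a JS string literal with quotes,
// backslashes and line terminators escaped; '<' and '>' are escaped as \u00XX
// so the literal can never close a tag; then the whole literal is encoded for
// the HTML attribute context it sits in.
function deleteLinkSafe(title) {
  const jsLiteral = JSON.stringify(title).replace(/</g, "\\u003c").replace(/>/g, "\\u003e");
  return `<a href="#" onclick="del(${htmlAttrEncode(jsLiteral)})">delete</a>`;
}

// Model of what the browser does with the attribute: take the onclick value
// and HTML-decode it; the result is the script text the engine compiles.
function handlerScript(html) {
  const m = /onclick="([^"]*)"/.exec(html);
  if (!m) return null;
  return m[1].replace(/&quot;/g, '"').replace(/&#39;/g, "'").replace(/&lt;/g, "<")
             .replace(/&gt;/g, ">").replace(/&amp;/g, "&");
}

// Compile the decoded handler with stub del/alert and report whether alert
// ran, i.e. whether the title broke out of the string literal.
function handlerCallsAlert(html) {
  let called = false;
  const fn = new Function("del", "alert", handlerScript(html));
  fn(() => {}, () => { called = true; });
  return called;
}
```

The more robust design is to avoid inline handlers entirely: put the identifier in a `data-*` attribute (HTML-attribute-encoded) and attach the click handler from a script, which removes the JavaScript context from the template altogether.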
Cvelist (added 2010/07/30 8:00 p.m., 21 views)

CVE-2010-1208

Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via vectors related to deletion of an event attribute node wit...

AI score 9.4 | EPSS 0.01551
Exploits: 0 | References: 6

Mozilla (added 2010/07/20 12:00 a.m., 29 views)

DOM attribute cloning remote code execution vulnerability — Mozilla

Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the DOM attribute cloning routine where under certain circumstances an event attribute node can be deleted while another object still contains a reference to it. This reference could subsequently be accesse...

CVSS 9.3 | AI score 3.1 | EPSS 0.01551
Exploits: 0 | References: 2 | Affected software: 2