Lucene search

206 matches found

Japan Vulnerability Notes
added 2020/05/13 8:59 a.m., 1 view

Multiple vulnerabilities in Movable Type

Overview: Movable Type provided by Six Apart Ltd. contains multiple vulnerabilities listed below. HTML attribute value injection vulnerability (CWE-74) - CVE-2020-5574; Cross-site scripting due to a flaw in processing multiple query strings (CWE-79) - CVE-2020-5575; Cross-site request forgery (CWE-352) -...

CVSS: 8.8, AI score: 7.2, EPSS: 0.01733
Exploits: 0, References: 13
BDU FSTEC
added 2019/04/04 12:0 a.m., 3 views

The vulnerability of the Sanitize library for the Ruby programming language allows a hacker to circumvent the restrictions on the use of HTML attributes.

The vulnerability of the Sanitize library for the Ruby programming language is related to input validation errors. Exploiting this vulnerability could allow an attacker to circumvent the specified restrictions on the use of HTML attributes...

CVSS: 7.5, AI score: 7.2, EPSS: 0.0152
Exploits: 0, References: 3, Affected Software: 2
Zero Day Initiative
added 2019/03/12 12:0 a.m., 31 views

Microsoft Internet Explorer Attr nodeValue Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS: 5, AI score: 2, EPSS: 0.08261
Exploits: 0, References: 1
OSV
added 2019/01/04 7:5 p.m., 2 views

GHSA-MVJJ-GQQ2-P4HW Cross-Site Scripting in react-dom

Affected versions of react-dom are vulnerable to Cross-Site Scripting (XSS). The package fails to validate attribute names in HTML tags which may lead to Cross-Site Scripting in specific scenarios. This may allow attackers to execute arbitrary JavaScript in the victim's browser. To be affected by...

CVSS: 6.1, AI score: 7.4, EPSS: 0.03426
Exploits: 0, References: 6
Hacker One
added 2018/08/17 11:25 a.m., 39 views

Starbucks: Reflected DOM XSS on www.starbucks.co.uk

Summary: www.starbucks.co.uk is vulnerable to reflected DOM XSS due to 2 seemingly unexploitable issues. The first issue is unfixed for over a year now, 252908, the second issue originates in a 3rd party module called prettyPhoto. Description: Visiting the following link results in a JavaScript...

AI score: 1.5
Exploits: 0
Github Security Blog
added 2017/10/24 6:33 p.m., 39 views

actionpack Cross-site Scripting vulnerability

Cross-site scripting (XSS) vulnerability in the simple_format helper in actionpack/lib/action_view/helpers/text_helper.rb in Ruby on Rails 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML attribute...

CVSS: 4.3, AI score: 4.4, EPSS: 0.01963
Exploits: 0, References: 8, Affected Software: 1
OSV
added 2017/10/24 6:33 p.m., 32 views

GHSA-W37C-Q653-QG95 actionpack Cross-site Scripting vulnerability

Cross-site scripting (XSS) vulnerability in the simple_format helper in actionpack/lib/action_view/helpers/text_helper.rb in Ruby on Rails 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML attribute...

CVSS: 4.3, AI score: 6.5, EPSS: 0.01963
Exploits: 0, References: 8
Hacker One
added 2017/10/10 6:22 a.m., 37 views

Rocket.Chat: Remote Code Execution in Rocket.Chat Desktop

Summary: The Markdown parser can be tricked into allowing arbitrary Javascript leading to "remote code execution". Description: By combining the "link" and inline code block we can trick the parser into breaking out of the current HTML attribute. This allows us to control other attributes of the...

AI score: 0.2
Exploits: 0
Tenable Nessus
added 2015/10/13 12:0 a.m., 29 views

MS15-107: Cumulative Security Update for Microsoft Edge (3096448)

The version of Microsoft Edge installed on the remote Windows host is missing Cumulative Security Update 3096448. It is, therefore, affected by multiple vulnerabilities: - An information disclosure vulnerability exists due to improper handling of objects in memory. A remote attacker can exploit...

CVSS: 5, AI score: 5.7, EPSS: 0.69997
Exploits: 0, References: 3
seebug.org
added 2015/09/06 12:0 a.m., 31 views

WordPress <= 4.2 - Stored XSS

Confirmed vulnerable: WordPress 4.2, 4.1.2, 4.1.1, 3.9.3. Tested with MySQL versions 5.1.53 and 5.5.41. Overview: Current versions of WordPress are vulnerable to a stored XSS. An unauthenticated attacker can inject JavaScript in WordPress comments. The script is triggered when the comment is viewed...

AI score: 6.9
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 12 views

Vilistextum 2.6.6 HTML Attribute Parsing Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11979/info Vilistextum is prone to a buffer overflow vulnerability. This issue is exposed when the application parses HTML attributes while converting an HTML file to text/ASCII. Since HTML files will likely originate fro...

AI score: 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 15 views

Geeklog 1.3.5 HTML Attribute Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5270/info A cross site scripting vulnerability has been reported for Geeklog. Reportedly, Geeklog does not properly sanitize user supplied input before being included when posting comments or writing stories. Geeklog make...

AI score: 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 18 views

Microsoft Internet Explorer 7/8 HTML Attribute JavaScript URI Security Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/35455/info Microsoft Internet Explorer is prone to a security-bypass vulnerability because it fails to properly enforce restrictions on script behavior. An attacker may exploit this issue to bypass restrictions on the...

AI score: 7.1
Exploits: 0
UbuntuCve
added 2013/12/07 12:55 a.m., 35 views

CVE-2013-6416

Cross-site scripting (XSS) vulnerability in the simple_format helper in actionpack/lib/action_view/helpers/text_helper.rb in Ruby on Rails 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML attribute...

CVSS: 4.3, AI score: 6, EPSS: 0.01963
Exploits: 0, References: 2
Prion
added 2013/12/07 12:55 a.m., 30 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in the simple_format helper in actionpack/lib/action_view/helpers/text_helper.rb in Ruby on Rails 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML attribute...

CVSS: 4.3, AI score: 5.9, EPSS: 0.01963
Exploits: 0, References: 3, Affected Software: 1
Cvelist
added 2013/12/07 12:0 a.m., 25 views

CVE-2013-6416

Cross-site scripting (XSS) vulnerability in the simple_format helper in actionpack/lib/action_view/helpers/text_helper.rb in Ruby on Rails 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML attribute...

AI score: 5.3, EPSS: 0.01963
Exploits: 0, References: 3
Atlassian
added 2013/07/03 1:43 a.m., 17 views

GeneralUtil.escapeForHtmlAttribute does not completely escape the given input for use in an html attribute context

NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion (http://jira.atlassian.com/browse/CONFCLOUD-29826). GeneralUtil.escapeForHtmlAttribute only escapes " and it does not escape '. Furthermore, the method does not html...

AI score: 1.3
Exploits: 0, Affected Software: 1
Cvelist
added 2009/11/25 6:0 p.m., 29 views

CVE-2009-4074

The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to leverage the "response-changing mechanism" to conduct cross-site scripting (XSS) attacks against web sites that have no inherent XSS vulnerabilities, related to the details of output encoding and improper modification of an...

AI score: 7.8, EPSS: 0.14842
Exploits: 0, References: 6
Tenable Nessus
added 2009/05/18 12:0 a.m., 15 views

FreeBSD : drupal -- XSS (a6605f4b-4067-11de-b444-001372fd0af2)

The Drupal Security Team reports: When outputting user-supplied data Drupal strips potentially dangerous HTML attributes and tags or escapes characters which have a special meaning in HTML. This output filtering secures the site against cross site scripting attacks via user input. Certain byte...

AI score: 5.7
Exploits: 0, References: 2
UbuntuCve
added 2007/02/26 7:28 p.m., 26 views

CVE-2007-0995

Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular expressions...

CVSS: 4.3, AI score: 7.3, EPSS: 0.0213
Exploits: 0, References: 2