263 matches found
Advisory ROSA-SA-2023-2285
software: clamav 0.103.8 WASP: ROSA-CHROME packageevrstring: clamav-0.103.8-1.src.rpm CVE-ID: CVE-2022-20698 BDU-ID: 2022-00587 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the Clam AntiVirus software package is related to insufficient input validation. Exploitation of the vulnerability could...
CVE-2023-27133
TSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the %PROGRAMFILESX86%\TSplus-RemoteWork\Clients\www folder. This may enable privilege escalation if a different local user modifies a file. NOTE: CVE-2023-31067 and CVE-2023-31068 are only about the TSplus Remot...
PT-2023-20971 · Tsplus · Tsplus Remote Work
Name of the Vulnerable Software and Affected Versions: TSplus Remote Work version 16.0.0.0 Description: The issue is related to weak permissions for certain file types, including .exe, .js, and .html files, located under the %PROGRAMFILESX86%TSplus-RemoteWorkClientswww folder. This weakness may...
FileBrowser 跨站脚本漏洞
FileBrowser is an open source web file browser. Provides a file management interface in a specified directory , can be used to upload , delete , preview , rename and edit your files . FileBrowser has a cross-site scripting vulnerability that can be exploited by an attacker to escalate privileges ...
Cross-site Scripting (XSS)
cockpit-hq/cockpit is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to bootstrap.php accepting html files as an upload, which allows an attacker to inject and execute malicious Javascript into the browser...
Cross-Site Scripting (XSS)
serenity.net.services and serenity.net.core are vulnerable to Cross-Site Scripting XSS attacks. The library does not properly check for specific prohibited file types, allowing an attacker to upload malicious .html or .htm files containing XSS payloads...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS such that when users upload temporary files it is possible to upload .html or .htm files containing a malicious payload. The resulting link can be sent to an administrator user. Details Cross-site scripting or X...
CVE-2021-46875
An issue was discovered in eZ Platform Ibexa Kernel before 1.3.1.1. An XSS attack can occur because JavaScript code can be uploaded in a .html or .js file...
Ez Systems eZ Platform 跨站脚本漏洞
Ez Systems eZ Platform is a content management system CMS based on the Symfony framework from Ez Systems, Norway. A security vulnerability exists in eZ Platform Ibexa Kernel versions prior to 1.3.1.1, which stems from JavaScript code that can be uploaded in .html or .js files...
CVE-2023-23937
Pimcore is an Open Source Data & Experience Management Platform: PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce. The upload functionality for updating user profile does not properly validate the file content-type, allowing any authenticated user to bypass this security check by adding a valid...
Cross-site Scripting (XSS)
github.com/gotify/server is vulnerable to cross site scripting. The vulnerability exists in the UploadApplicationImage function in application.go because it allows authenticated users to upload html files where attacker could execute client side scripts...
PT-2022-27792 · Unknown · Gotify Server
Name of the Vulnerable Software and Affected Versions: Gotify server versions prior to 2.2.2 Description: The Gotify server contains an issue that allows authenticated users to upload .html files, which can lead to the execution of client-side scripts if another user opens a link. This could...
CVE-2022-43996
The csafprovider package before 0.8.2 allows XSS via a crafted CSAF document uploaded as text/html. The endpoint upload allows valid CSAF advisories JSON format to be uploaded with Content-Type text/html and filenames ending in .html. When subsequently accessed via web browser, these advisories a...
DOM-based Cross-site Scripting (DXSS) Vulnerability
Description Two CalendarXP products have DXSS vulnerability in common parts of HTML files. CalendarXP FlatCalendarXP through 10.0.1 has DXSS vulnerability in iflateng.htm and nflateng.htm, and CalendarXP PopCalendarXP through 10.0.1 has DXSS vulnerability in ipopeng.htm and npopeng.htm. Proof of...
Read the Docs vulnerable to Cross-Site Scripting (XSS)
Impact This vulnerability allowed a malicious user to serve arbitrary HTML files from the main application domain readthedocs.org/readthedocs.com by exploiting a vulnerability in the code that serves downloadable content from a project. Exploiting this would have required the attacker to get a...
GHSA-98PF-GFH3-X3MP Read the Docs vulnerable to Cross-Site Scripting (XSS)
Impact This vulnerability allowed a malicious user to serve arbitrary HTML files from the main application domain readthedocs.org/readthedocs.com by exploiting a vulnerability in the code that serves downloadable content from a project. Exploiting this would have required the attacker to get a...
Fedora: Security Advisory for libxml2 (FEDORA-2022-aeafd24818)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Cross Site Scripting (XSS)
Prestashop is vulnerable to cross site scripting. The product catalog feature allows for an admin to upload arbitrary .html files with...
CVE-2022-1777 Filr - Secure Document Library < 1.2.2.1 - Subscriber+ AJAX Calls
The Filr WordPress plugin before 1.2.2.1 does not have authorisation check in two of its AJAX actions, allowing them to be called by any authenticated users, such as subscriber. They are are protected with a nonce, however the nonce is leaked on the dashboard. This could allow them to upload...
Total.js CMS Path Traversal
An issue was discovered in Total.js CMS 12.0.0. An authenticated user with the Pages privilege can conduct a path traversal attack ../ to include .html files that are outside the permitted directory. Also, if a page contains a template directive, then the directive will be server side processed...