CVE-2023-33287

A stored cross-site scripting XSS vulnerability in the Inline Table Editing application before 3.8.0 for Confluence allows attackers to store and execute arbitrary JavaScript via a crafted payload injected into the tables...

Cross site scripting

A stored cross-site scripting XSS vulnerability in the Inline Table Editing application before 3.8.0 for Confluence allows attackers to store and execute arbitrary JavaScript via a crafted payload injected into the tables...

Cross site request forgery (csrf)

A vulnerability was found in meitar Inline Google Spreadsheet Viewer Plugin up to 0.9.6 on WordPress and classified as problematic. Affected by this issue is the function displayShortcode of the file inline-gdocs-viewer.php. The manipulation leads to cross-site request forgery. The attack may be...

CVE-2023-33287

A stored cross-site scripting XSS vulnerability in the Inline Table Editing application before 3.8.0 for Confluence allows attackers to store and execute arbitrary JavaScript via a crafted payload injected into the tables...

PT-2023-24270 · Atlassian · Confluence Inline Table Editing

Name of the Vulnerable Software and Affected Versions: Confluence Inline Table Editing versions prior to 3.8.0 Description: A stored cross-site scripting issue allows attackers to store and execute arbitrary JavaScript via a crafted payload injected into the tables. Recommendations: For versions...

CVE-2023-33287

The CVE-2023-33287 entry concerns Atlassian Confluence’s Inline Table Editing prior to version 3.8.0. The vulnerability is a stored XSS that allows an attacker to inject and execute arbitrary JavaScript via a crafted payload into tables. Affected component: Inline Table Editing (Confluence). Root...

WordPress Plugin meitar Inline Google Spreadsheet Viewer 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

Actonic Inline Table Editing 跨站脚本漏洞

Actonic Inline Table Editing is a multifunctional tool from Actonic, Germany. A security vulnerability exists in Actonic Inline Table Editing prior to version 3.8.0, which stems from the presence of a stored cross-site scripting XSS vulnerability that allows an attacker to store and execute...

PT-2023-10287 · Meitar · Meitar Inline Google Spreadsheet Viewer Plugin

Name of the Vulnerable Software and Affected Versions: meitar Inline Google Spreadsheet Viewer Plugin versions up to 0.9.6 Description: A vulnerability was found in the meitar Inline Google Spreadsheet Viewer Plugin, which is classified as problematic. The issue affects the displayShortcode...

CVE-2023-33287

A stored cross-site scripting XSS vulnerability in the Inline Table Editing application before 3.8.0 for Confluence allows attackers to store and execute arbitrary JavaScript via a crafted payload injected into the tables...

HTTP Fetch, Windows x64 Command Shell, Bind TCP Inline

Fetch and execute an x64 payload from an HTTP server. Listen for a connection and spawn a command shell Windows x64 Module Options msf use payload/cmd/windows/http/x64/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show...

HTTPS Fetch, Windows x64 Pingback, Reverse TCP Inline

Fetch and execute an x64 payload from an HTTPS server. Connect back to attacker and report UUID Windows x64 Module Options msf use payload/cmd/windows/https/x64/pingbackreversetcp msf payloadpingbackreversetcp show actions ...actions... msf payloadpingbackreversetcp set ACTION msf...

HTTP Fetch, Linux Command Shell, Bind TCP Inline

Fetch and execute an x64 payload from an HTTP server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/http/x64/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options ...show...

TFTP Fetch, Linux x64 Pingback, Reverse TCP Inline

Fetch and execute an x64 payload from a TFTP server. Connect back to attacker and report UUID Linux x64 Module Options msf use payload/cmd/linux/tftp/x64/pingbackreversetcp msf payloadpingbackreversetcp show actions ...actions... msf payloadpingbackreversetcp set ACTION msf...

TFTP Fetch, Linux Command Shell, Bind TCP Random Port Inline

Fetch and execute an x64 payload from a TFTP server. Listen for a connection in a random port and spawn a command shell. Use nmap to discover the open port: 'nmap -sS target -p-'. Module Options msf use payload/cmd/linux/tftp/x64/shellbindtcprandomport msf payloadshellbindtcprandomport show actio...

HTTP Fetch, Linux x64 Command Shell, Reverse TCP Inline (IPv6)

Fetch and execute an x64 payload from an HTTP server. Connect back to attacker and spawn a command shell over IPv6 Module Options msf use payload/cmd/linux/http/x64/shellreverseipv6tcp msf payloadshellreverseipv6tcp show actions ...actions... msf payloadshellreverseipv6tcp set ACTION msf...

HTTPS Fetch, Linux x64 Command Shell, Bind TCP Inline (IPv6)

Fetch and execute an x64 payload from an HTTPS server. Listen for an IPv6 connection and spawn a command shell Module Options msf use payload/cmd/linux/https/x64/shellbindipv6tcp msf payloadshellbindipv6tcp show actions ...actions... msf payloadshellbindipv6tcp set ACTION msf...

HTTP Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an x64 payload from an HTTP server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/http/x64/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp show...

HTTP Fetch, Linux Command Shell, Bind TCP Random Port Inline

Fetch and execute an x64 payload from an HTTP server. Listen for a connection in a random port and spawn a command shell. Use nmap to discover the open port: 'nmap -sS target -p-'. Module Options msf use payload/cmd/linux/http/x64/shellbindtcprandomport msf payloadshellbindtcprandomport show...

HTTP Fetch, Linux Command Shell, Find Port Inline

Fetch and execute an x64 payload from an HTTP server. Spawn a shell on an established connection Module Options msf use payload/cmd/linux/http/x64/shellfindport msf payloadshellfindport show actions ...actions... msf payloadshellfindport set ACTION msf payloadshellfindport show options ...show an...