Lucene search: 17848 matches found

Source: CVE | added 2024/08/20 2:37 p.m. | 60 views

CVE-2024-42369

CVE-2024-42369 affects the matrix-js-sdk (JavaScript) where a malicious homeserver can craft a room structure whose predecessors form a cycle. This makes getRoomUpgradeHistory() recursively traverse and hang, and since this method is public and invoked by leaveRoomChain(), leaving a room can trig...

CVSS 5.3 | AI score 4.5 | EPSS 0.00205
Exploits 0 | References 2 | Affected software 1
Source: OSV | added 2024/08/20 2:37 p.m. | 26 views

CVE-2024-42369 A room with itself as its predecessor will freeze matrix-js-sdk

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. A malicious homeserver can craft a room or room structure such that the predecessors form a cycle. The matrix-js-sdk's getRoomUpgradeHistory function will infinitely recurse in this case, causing the code to hang. This...

CVSS 4.1 | AI score 6.8 | EPSS 0.00205
Exploits 0 | References 4
Source: CVE | added 2024/08/20 3:21 a.m. | 50 views

CVE-2024-7775

The CVE-2024-7775 entry concerns the WordPress plugin Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder. Affected versions are 2.0–2.13.9, where missing input validation in addCustomCode allows authenticated users with Administ...

CVSS 5.5 | AI score 5.5 | EPSS 0.00246
Exploits 0 | References 2 | Affected software 1
Source: Packet Storm | added 2024/08/20 12:00 a.m. | 231 views

Lost and Found Information System 1.0 Cross Site Request Forgery

| Title : Lost and Found Information System v1.0 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefo...

AI score 7.4
Exploits 0
Source: GitHub Security Blog | added 2024/08/19 9:49 p.m. | 23 views

XWiki Platform allows XSS through XClass name in string properties

Impact: It is possible for a user without Script or Programming rights to craft a URL pointing to a page with arbitrary JavaScript. This requires social engineering to trick a user into following the URL. Reproduction steps: 1. As a user without script or programming rights, create a non-terminal document...

CVSS 9 | AI score 6.8 | EPSS 0.0727
Exploits 1 | References 5 | Affected software 1
Source: Cvelist | added 2024/08/19 4:24 p.m. | 22 views

CVE-2024-43400 XWiki Platform allows XSS through XClass name in string properties

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It is possible for a user without Script or Programming rights to craft a URL pointing to a page with arbitrary JavaScript. This requires social engineering to trick a user into following the URL. Thi...

CVSS 9 | EPSS 0.0727
Exploits 1 | References 3
Source: RedHat Linux | added 2024/08/19 2:06 a.m. | 1 view

mozilla: Use-after-free in JavaScript garbage collection

The Mozilla Foundation Security Advisory describes this flaw as: Unexpected marking work at the start of sweeping could have led to a use-after-free...

CVSS 8.8 | AI score 7.3 | EPSS 0.00239
Exploits 0 | References 5
Source: Packet Storm | added 2024/08/19 12:00 a.m. | 230 views

Ewon Cosy+ Improper Neutralization / Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-016 Product: Ewon Cosy+ Manufacturer: HMS Industrial Networks AB Affected Versions: Firmware Versions: 21.2s10 and 22.1s3 Tested Versions: Firmware Version: 21.2s7 Vulnerability Type: Improper Neutralization of Input During We...

AI score 7.4 | EPSS 0.01642
Exploits 5
Source: Vulnrichment | added 2024/08/19 12:00 a.m. | 13 views

CVE-2024-23729

The ColorOS Internet Browser com.heytap.browser application 45.10.3.4.1 for Android allows a remote attacker to execute arbitrary JavaScript code via the com.android.browser.RealBrowserActivity component...

AI score 7.9 | EPSS 0.00417
Exploits 1 | References 2
Source: Veracode | added 2024/08/16 8:16 a.m. | 17 views

Cross Site Scripting (XSS)

Trix editor is vulnerable to Cross Site Scripting. The vulnerability is due to improper handling of text/html content types in the dataTransfer object during paste events, allowing attackers to execute arbitrary JavaScript by tricking users into pasting malicious code...

CVSS 6.5 | AI score 7.6 | EPSS 0.00392
Exploits 0 | References 8 | Affected software 1
Source: OpenVAS | added 2024/08/16 12:00 a.m. | 12 views

Ubuntu: Security Advisory (USN-6963-1)

The remote host is missing an update for the ... (SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from referenced sources and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only) ifdescription...

CVSS 6.5 | AI score 7.5 | EPSS 0.00184
Exploits 0 | References 2
Source: CVE | added 2024/08/15 8:38 p.m. | 61 views

CVE-2024-43367

Boa (Rust) prior to version 0.19.0 had a bug in AsyncGenerator handling where state could incorrectly change while resolving a promise, leading to an uncaught exception. The issue arises when a code path transitions from a getter on the promise’s then property and violates Boa’s assumption that A...

CVSS 7.5 | AI score 7.7 | EPSS 0.00283
Exploits 0 | References 3
Source: Vulnrichment | added 2024/08/15 8:38 p.m. | 13 views

CVE-2024-43367 Boa has an uncaught exception when transitioning the state of `AsyncGenerator` objects

Boa is an embeddable and experimental JavaScript engine written in Rust. Starting in version 0.16 and prior to version 0.19.0, a wrong assumption made when handling ECMAScript's AsyncGenerator operations can cause an uncaught exception on certain scripts. Boa's implementation of AsyncGenerator...

CVSS 7.5 | AI score 7.4 | EPSS 0.00283
Exploits 0 | References 3
Source: NVD | added 2024/08/15 7:15 p.m. | 34 views

CVE-2024-43357

ECMA-262 is the language specification for the scripting language ECMAScript. A problem in the ECMAScript JavaScript specification of async generators, introduced by a May 2021 spec refactor, may lead to mis-implementation in a way that could present as a security vulnerability, such as type...

CVSS 8.6 | EPSS 0.00822
Exploits 0 | References 10
Source: Vulnrichment | added 2024/08/15 2:31 p.m. | 20 views

CVE-2024-43373 webcrack has an Arbitrary File Write Vulnerability on Windows when Parsing and Saving a Malicious Bundle

webcrack is a tool for reverse engineering JavaScript. An arbitrary file write vulnerability exists in the webcrack module when processing specifically crafted malicious code on Windows systems. This vulnerability is triggered when using the unpack bundles feature in conjunction with the saving...

CVSS 7.7 | AI score 7.7 | EPSS 0.00209
Exploits 1 | References 3
Source: Ubuntu | added 2024/08/15 1:19 p.m. | 325 views

USN-6963-1: GNOME Shell vulnerability

It was discovered that GNOME Shell incorrectly opened the portal helper automatically when detecting a captive network portal. A remote attacker could possibly use this issue to load arbitrary web pages containing JavaScript, leading to resource consumption or other attacks...

CVSS 6.5 | AI score 6.9 | EPSS 0.00184
Exploits 0
Source: RedHat Linux | added 2024/08/15 5:21 a.m. | 5 views

mozilla: Use-after-free in JavaScript garbage collection

The Mozilla Foundation Security Advisory describes this flaw as: Unexpected marking work at the start of sweeping could have led to a use-after-free...

CVSS 8.8 | AI score 7.3 | EPSS 0.00239
Exploits 0 | References 5
Source: OSV | added 2024/08/15 12:00 a.m. | 17 views

ALSA-2024:5322 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: Firefox: 115.14/128.1 ESR mozilla: Fullscreen notification dialog can be obscured by document content CVE-2024-7518 mozilla: Out of bounds memory access in graphics shar...

CVSS 9.8 | AI score 8.5 | EPSS 0.00655
Exploits 0 | References 24
Source: OSV | added 2024/08/14 9:12 p.m. | 19 views

CVE-2024-43368 Trix has a Cross-Site Scripting (XSS) vulnerability on copy & paste

The Trix editor, versions prior to 2.1.4, is vulnerable to XSS when pasting malicious code. This vulnerability is a bypass of the fix put in place for GHSA-qjqp-xr96-cj99. In pull request 1149, sanitation was added for Trix attachments with a text/html content type. However, Trix only checks the...

CVSS 6.5 | AI score 5.7 | EPSS 0.00392
Exploits 0 | References 8
Source: RedHat Linux | added 2024/08/14 3:05 p.m. | 3 views

mozilla: Use-after-free in JavaScript garbage collection

The Mozilla Foundation Security Advisory describes this flaw as: Unexpected marking work at the start of sweeping could have led to a use-after-free...

CVSS 8.8 | AI score 7.3 | EPSS 0.00239
Exploits 0 | References 5