17848 matches found
CVE-2024-45800 Multiple mXSS found in snappymail HTML parser
Snappymail is an open source web-based email client. SnappyMail uses the cleanHtml function to cleanup HTML and CSS in emails. Research discovered that the function has a few bugs which cause an mXSS exploit. Because the function allowed too many invalid HTML elements, it was possible with...
SnappyMail -- multiple mXSS in HTML sanitizer
Oskar reports: SnappyMail uses the cleanHtml function to cleanup HTML and CSS in emails. Research discovered that the function has a few bugs which cause an mXSS exploit. Because the function allowed too many invalid HTML elements, it was possible with incorrect markup to trick the browser to "fi...
PT-2024-28668 · Mattermost · Mattermost Desktop App
Name of the Vulnerable Software and Affected Versions: Mattermost Desktop App versions =5.8.0 Description: The issue concerns a flaw in the screen capture functionality of the Mattermost Desktop App, allowing an attacker to silently capture high-quality screenshots via JavaScript APIs...
GHSA-32FJ-R8QW-R8W8 MindsDB Cross-site Scripting vulnerability
A cross-site scripting XSS vulnerability exists in all versions of the MindsDB platform, enabling the execution of a JavaScript payload whenever a user enumerates an ML Engine, database, project, or dataset containing arbitrary JavaScript code within the web UI...
CVE-2024-43793 Halo's editor has a stored XSS vulnerability
Halo is an open source website building tool. A security vulnerability has been identified in versions prior to 2.19.0 of the Halo project. This vulnerability allows an attacker to execute malicious scripts in the user's browser through specific HTML and JavaScript code, potentially leading to a...
BIT-NODE-2023-39333
Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code. The injected code may be able to access data and functions that the WebAssembly module itself does not have access to, similar to as if the WebAssembly module was a JavaScript module. This vulnerability...
Adobe Acrobat Reader Annotation Object Page Race Condition Vulnerability
Talos Vulnerability Report TALOS-2024-2011 Adobe Acrobat Reader Annotation Object Page Race Condition Vulnerability September 10, 2024 CVE Number CVE-2024-39420 SUMMARY A time-of-check time-of-use vulnerability exists in Adobe Acrobat Reader 2024.002.20759. A specially crafted Javascript code...
GHSA-9WV6-86V2-598J path-to-regexp outputs backtracking regular expressions
Impact A bad regular expression is generated any time you have two parameters within a single segment, separated by something that is not a period .. For example, /:a-:b. Patches For users of 0.1, upgrade to 0.1.10. All other users should upgrade to 8.0.0. These versions add backtrack protection...
CVE-2024-45296
path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single threaded and regex matching runs on the main thread, poor performance will block the event...
CVE-2024-45296 path-to-regexp outputs backtracking regular expressions
path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single threaded and regex matching runs on the main thread, poor performance will block the event...
CVE-2024-45296
path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single threaded and regex matching runs on the main thread, poor performance will block the event...
CVE-2024-45296 path-to-regexp outputs backtracking regular expressions
path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single threaded and regex matching runs on the main thread, poor performance will block the event...
CVE-2024-45296 path-to-regexp outputs backtracking regular expressions
path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single threaded and regex matching runs on the main thread, poor performance will block the event...
CKEditor < 4.24.0-LTS Multiples Cross-Site Scripting
According to its self-reported version number, the CKEditor application running on the remote host is prior to 4.24.0-LTS. It is, therefore, affected by multiples Cross-Site-Scripting : - In samples that are shipped with production code. The vulnerability allowed to execute JavaScript code by...
Atlassian Confluence < 7.19.26 / 7.20.x < 8.5.14 / 8.6.x < 9.0.1 (CONFSERVER-97720)
The version of Atlassian Confluence Server running on the remote host is affected by a XSS vulnerability as referenced in the CONFSERVER-97720 advisory: - This Reflected XSS and CSRF vulnerability allows an unauthenticated attacker to execute arbitrary HTML or JavaScript code on a victims browser...
CVE-2023-39333
Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code. The injected code may be able to access data and functions that the WebAssembly module itself does not have access to, similar to as if the WebAssembly module was a JavaScript module. This vulnerability...
CVE-2023-39333
Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code. The injected code may be able to access data and functions that the WebAssembly module itself does not have access to, similar to as if the WebAssembly module was a JavaScript module. This vulnerability...
CVE-2023-39333
Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code. The injected code may be able to access data and functions that the WebAssembly module itself does not have access to, similar to as if the WebAssembly module was a JavaScript module. This vulnerability...
BIT-GHOST-2024-23724
Ghost through 5.76.0 allows stored XSS, and resultant privilege escalation in which a contributor can take over any account, via an SVG profile picture that contains JavaScript code to interact with the API on localhost TCP port 3001. NOTE: The discoverer reports that "The vendor does not view th...
CVE-2024-45400
ckeditor-plugin-openlink is a plugin for the CKEditor JavaScript text editor that extends the context menu with a possibility to open a link in a new tab. A vulnerability in versions of the plugin prior to 1.0.7 allowed a user to execute JavaScript code by abusing the link href attribute. The fix...