Apache Ranger JavaScript Code Injection Vulnerability

Apache Ranger is the Apache Software Foundation's architecture for implementing comprehensive security measures for Hadoop clusters, providing centralized security policy management for core enterprise security requirements such as authorization, billing, and data protection. A security...

Hide My WP <= 4.53 - Stored-Cross Site Scripting (XSS)

An attacker can make a fake attack attempt which will be logged, and can inject JavaScript. PoC curl --referer 'you are using bad filtering for input ript alert"XSS here" ript; :; ;' http://example.com...

RT -- two XSS vulnerabilities

Best Practical reports: RT 4.0.0 and above are vulnerable to a cross-site scripting XSS attack via the user and group rights management pages. This vulnerability is assigned CVE-2015-5475. It was discovered and reported by Marcin Kopec at Data Reliance Shared Service Center. RT 4.2.0 and above ar...

Mozilla Firefox PDF Viewer Same-Origin Bypass Information Disclosure Vulnerability

Mozilla Firefox is an open source WEB browser. Mozilla Firefox PDF Viewer suffers from a security vulnerability that allows remote attackers to construct malicious WEB pages and trick users into parsing them, bypassing the same-origin policy, injecting arbitrary JavaScript into PDF Viewer, and...

MGASA-2015-0302 Updated moodle package fixes security vulnerabilities

In Moodle before 2.8.7, phishing is possible when redirecting to external site using referer headers in error messages CVE-2015-3272. In Moodle before 2.8.7, several web services returning user information did not clean text in text custom profile fields, leading to possible XSS CVE-2015-3274. In...

Updated moodle package fixes security vulnerabilities

In Moodle before 2.8.7, phishing is possible when redirecting to external site using referer headers in error messages CVE-2015-3272. In Moodle before 2.8.7, several web services returning user information did not clean text in text custom profile fields, leading to possible XSS CVE-2015-3274. In...

Slack: OSX slack:// protocol handler javascript injection

The Mac Slack app version 1.1 introduced the slack:// protocol handler. Due to improper input sanitization, arbitrary Javascript code can be run in the context of the client app if the user clicks on a slack:// link on a website or email. I have confirmed this issue still exists in the 1.1.1...

QNAP TS-x09 Turbo NAS Cross Site Scripting

On the 7th of July 2015 I discovered a reflected cross-site scripting XSS vulnerability in QNAP TS-x09 Network Attached Storage devices. Full disclosure was undertaken with the vendor and a CVE-ID has been requested from Mitre. CVE-ID: requested via PGP email 7th July 2015 Author: Mark Cross...

Moodle JavaScript Code Injection Vulnerability

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment, developed by Dr. Martin Dougiamas of Australia. A security vulnerability exists in Moodle. An attacker can exploit this vulnerability ...

moodle -- multiple vulnerabilities

Marina Glancy reports: MSA-15-0026: Possible phishing when redirecting to external site using referer header. CVE-2015-3272 MSA-15-0027: Capability 'mod/forum:canposttomygroups' is not respected when using 'Post a copy to all groups' in forum CVE-2015-3273 MSA-15-0028: Possible XSS through custom...

(Pwn2Own) Apple OS X XSS Sandbox Bypass Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within certain URLs in the...

Concrete CMS: No csrf protection on index.php/ccm/system/user/add_group, index.php/ccm/system/user/remove_group

crayons There is no csrf protection on index.php/ccm/system/user/addgroup, and index.php/ccm/system/user/removegroup. A malicious POST request can be constructed to add or remove group membership from arbitrary users, if a logged-in admin surfs to a compromised site. For example, a registered use...

mod_cluster: JavaScript code injection is possible via MCMP mod_manager messages

A flaw was found in the way the modcluster manager processed certain MCMP messages. An attacker with access to the network from which MCMP messages are allowed to be sent could use this flaw to execute arbitrary JavaScript code in the modcluster manager web interface...

mod_cluster: JavaScript code injection is possible via MCMP mod_manager messages

A flaw was found in the way the modcluster manager processed certain MCMP messages. An attacker with access to the network from which MCMP messages are allowed to be sent could use this flaw to execute arbitrary JavaScript code in the modcluster manager web interface...

WordPress 4.2 - Persistent Cross-Site Scripting

WordPress 4.2 - Persistent Cross-Site Scripting Source: http://klikki.fi/adv/wordpress2.html Overview Current versions of WordPress are vulnerable to a stored XSS. An unauthenticated attacker can inject JavaScript in WordPress comments. The script is triggered when the comment is viewed. If...

mod_cluster: JavaScript code injection is possible via MCMP mod_manager messages

A flaw was found in the way the modcluster manager processed certain MCMP messages. An attacker with access to the network from which MCMP messages are allowed to be sent could use this flaw to execute arbitrary JavaScript code in the modcluster manager web interface...

Snapchat: Vulnerable to JavaScript injection. (WXS) (Javascript injection)!

Vulnerable to JavaScript injection. WXS Description: Java script injected in activity: net.hockeyapp.android.UpdateActivity with injection String: document.getElementsByTagName'body'0.setAttribute'style', 'background-color: red'; Recommended Solution: Local HTML modifications via malware or other...

Firefox 3 1 to 3 4 remote command execution vulnerability analysis-vulnerability warning-the black bar safety net

0x00 Preface Some time ago, the brother in a lot of the browser in the script-level vulnerabilities upgrade for remote command execution, almost daily all over the market on all domestic browser, which has become many people relish topic. Indeed, in today's this underlyingsecuritygrowing...

Mozilla Firefox - Proxy Prototype Privileged JavaScript Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex/exploitation/jsobfu' class Metasploit3 'Firefox Proxy Prototype Privileged Javascript Injection', 'Description' = %q This exploit gains...

Firefox Proxy Prototype Privileged Javascript Injection

This exploit gains remote code execution on Firefox 31-34 by abusing a bug in the XPConnect component and gaining a reference to the privileged chrome:// window. This exploit requires the user to click anywhere on the page to trigger the vulnerability. This module requires Metasploit:...