cockpit security update

310.8-1.0.1 - Fixed cockpitwst selinux issue for tmpfs Orabug: 36013589 - Move update-motd out of cockpitwst context Orabug: 36013589 - Update documentation links Orabug: 34706402 - Drop subscription-manager-cockpit requirement for ol Orabug: 34681110 - Remove duplicate reference to server in...

CVE-2023-49260

An XSS attack can be performed by changing the MOTD banner and pointing the victim to the "terminaltool.cgi" path. It can be used together with the vulnerability CVE-2023-49255...

EUVD-2025-203860

An input neutralization vulnerability in the Server MOTD component of Crafty Controller allows a remote, unauthenticated attacker to perform stored XSS via server MOTD modification...

CVE-2025-14701 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Crafty Controller

An input neutralization vulnerability in the Server MOTD component of Crafty Controller allows a remote, unauthenticated attacker to perform stored XSS via server MOTD modification...

PT-2025-51795

Name of the Vulnerable Software and Affected Versions Crafty Controller affected versions not specified Description A flaw exists in the Server MOTD component of Crafty Controller that allows a remote, unauthenticated attacker to inject malicious code through modification of the server MOTD. This...

EUVD-2009-4617

Malware in sbrugna...

EUVD-2018-18309

Malware in sbrugna...

EUVD-2023-53262

Malicious code in bioql PyPI...

update-motd.d Persistence

This module will add a script in /etc/update-motd.d/ in order to persist a payload. The payload will be executed with root privileges everytime a user logs in. Root privileges are likely required to write to /etc/update-motd.d/. Verified on Ubuntu 22.04 Module Options msf use...

📄 Update-motd.d Persistence

This Metasploit module will add a script in /etc/update-motd.d/ in order to persist a payload. The payload will be executed with root privileges every time a user logs in. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framewo...

CVE-2021-20133

Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 are affected by an absolute path traversal vulnerability that allows a remote, authenticated attacker to set the "message of the day" banner to any file on the system, allowing them to read all or some of the contents of tho...

GHSA-Q898-FRWQ-F3QP Minecraft MOTD Parser's HtmlGenerator vulnerable to XSS

Summary The HtmlGenerator class is subject to potential cross-site scripting XSS attack through a parsed malformed Minecraft server MOTD. Context Minecraft server owners can set a so-called MOTD Message of the Day for their server that appears next to the server icon and below the server name on...

Minecraft MOTD Parser's HtmlGenerator vulnerable to XSS

Summary The HtmlGenerator class is subject to potential cross-site scripting XSS attack through a parsed malformed Minecraft server MOTD. Context Minecraft server owners can set a so-called MOTD Message of the Day for their server that appears next to the server icon and below the server name on...

CVE-2024-47765

Minecraft MOTD Parser is a PHP library to parse minecraft server motd. The HtmlGenerator class is subject to potential cross-site scripting XSS attack through a parsed malformed Minecraft server MOTD. The HtmlGenerator iterates through objects of MotdItem that are contained in an object of...

CVE-2024-47765

The CVE-2024-47765 entry describes an XSS vulnerability in the Minecraft MOTD Parser’s HtmlGenerator. The HtmlGenerator builds HTML from MotdItem/MotdItemCollection objects without escaping the color and text inputs, enabling injection of malicious HTML through a crafted MOTD. This affects the Ht...

CVE-2024-47765 Minecraft MOTD Parser's HtmlGenerator vulnerable to XSS

Minecraft MOTD Parser is a PHP library to parse minecraft server motd. The HtmlGenerator class is subject to potential cross-site scripting XSS attack through a parsed malformed Minecraft server MOTD. The HtmlGenerator iterates through objects of MotdItem that are contained in an object of...

CVE-2024-47765 Minecraft MOTD Parser's HtmlGenerator vulnerable to XSS

Minecraft MOTD Parser is a PHP library to parse minecraft server motd. The HtmlGenerator class is subject to potential cross-site scripting XSS attack through a parsed malformed Minecraft server MOTD. The HtmlGenerator iterates through objects of MotdItem that are contained in an object of...

CVE-2024-47765 Minecraft MOTD Parser's HtmlGenerator vulnerable to XSS

Minecraft MOTD Parser is a PHP library to parse minecraft server motd. The HtmlGenerator class is subject to potential cross-site scripting XSS attack through a parsed malformed Minecraft server MOTD. The HtmlGenerator iterates through objects of MotdItem that are contained in an object of...

Minecraft MOTD Parser 安全漏洞

Minecraft MOTD Parser is a PHP library for parsing Minecraft servers by an individual developer jgniecki. A security vulnerability exists in Minecraft MOTD Parser 1.0.5 and earlier versions, which stems from a vulnerability in the HtmlGenerator class that is susceptible to cross-site scripting XS...

CVE-2023-49260

An XSS attack can be performed by changing the MOTD banner and pointing the victim to the "terminaltool.cgi" path. It can be used together with the vulnerability CVE-2023-49255...