149 matches found
PT-2022-23767 · Zimbra · Zimbra Collaboration Suite
Name of the Vulnerable Software and Affected Versions: Zimbra Collaboration Suite versions 8.8.15 Description: The issue concerns a reflected XSS in the /h/search?action API endpoint, which accepts parameters called extra, title, and onload that are partially sanitized. This allows for the...
GHSA-5GXC-FXCR-9326 convert-svg-core vulnerable to remote code injection
The package convert-svg-core before 0.6.2 is vulnerable to Remote Code Injection via sending an SVG file containing the payload in an onload attribute. Puppeteer/Chromium used by convert-svg-core will execute any code within that tag, including malicious code. PoC Payload html where the id...
Mako contains Cross-site Scripting vulnerability
Mako before 0.3.4 relies on the cgi.escape function in the Python standard library for cross-site scripting XSS protection, which makes it easier for remote attackers to conduct XSS attacks via vectors involving single-quote characters and a JavaScript onLoad event handler for a BODY element...
GHSA-WP32-WQ34-2RQH dijit editor cross-site scripting vulnerability
dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute of an SVG element...
CVE-2020-15676
Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. This vulnerability affects Firefox 81, Thunderbird 78.3, and Firefox ESR 78.3...
CVE-2020-15676
Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. This vulnerability affects Firefox 81, Thunderbird 78.3, and Firefox ESR 78.3...
Design/Logic Flaw
Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. This vulnerability affects Firefox 81, Thunderbird 78.3, and Firefox ESR 78.3...
Mozilla: XSS when pasting attacker-controlled data into a contenteditable element
The Mozilla Foundation Security Advisory describes this flaw as: Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element...
Mozilla: XSS when pasting attacker-controlled data into a contenteditable element
The Mozilla Foundation Security Advisory describes this flaw as: Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element...
Mozilla: XSS when pasting attacker-controlled data into a contenteditable element
The Mozilla Foundation Security Advisory describes this flaw as: Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element...
CVE-2020-15676
Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. This vulnerability affects Firefox 81, Thunderbird 78.3, and Firefox ESR 78.3...
UBUNTU-CVE-2020-15676
Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. This vulnerability affects Firefox 81, Thunderbird 78.3, and Firefox ESR 78.3...
Cross-site Scripting (XSS)
Firefox is vulnerable to cross-site scripting XSS. It sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element...
Mozilla: XSS when pasting attacker-controlled data into a contenteditable element
The Mozilla Foundation Security Advisory describes this flaw as: Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element...
Mozilla: XSS when pasting attacker-controlled data into a contenteditable element
The Mozilla Foundation Security Advisory describes this flaw as: Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element...
Gallery Photoblocks < 1.1.41 - Unauthenticated Reflected XSS
Also Full Path Disclosure depending on the configuration of the server https:///wp-content/plugins/photoblocks-grid-gallery/admin/partials/photoblocks-edit.php?id="...
Cross-site Scripting (XSS)
simditor is vulnerable to cross-site scripting XSS. The attack can be triggered because it does not sanitize the DOM object properly, allowing an attacker to inject arbitrary Javascript within a malicious SVG element into a victim's browser via the onload parameter...
CVE-2018-19048
Simditor up to version 2.3.21 is affected by a DOM XSS (attackable via an onload attribute in a malformed SVG element). The underlying issue is improper handling/sanitization of SVG onload events, enabling injection of arbitrary JavaScript in the user’s browser. Mitigation: upgrade to version 2.3...
The vulnerability of the dijit.Editor text editor module library simplifies the development of JavaScript- or AJAX-based applications and websites using the Dojo Toolkit. This vulnerability allows attackers to perform cross-site scripting attacks.
The vulnerability of dijit.Editor, a text editor that is part of the modular library for simplifying the development of JavaScript- or AJAX-based applications and Dojo Toolkit websites, is related to the unsafe use of the onload attribute for SVG elements. Exploiting this vulnerability could allo...
CVE-2018-19919
Pixelimity 1.0 has Persistent XSS via the admin/portfolio.php datatitle parameter, as demonstrated by a crafted onload attribute of an SVG element...