Silverstripe CMS malicious file upload enables script execution

Silverstripe CMS through 4.5 can be susceptible to script execution from malicious upload contents under allowed file extensions for example HTML code in a TXT file. When these files are stored as protected or draft files, the MIME detection can cause browsers to execute the file contents. Upload...

Stored XSS vulnerability in Jenkins Deployer Framework Plugin

Deployer Framework Plugin is a framework plugin allowing other plugins to provide a way to deploy artifacts. Deployer Framework Plugin 1.2 and earlier does not escape the URL displayed in the build home page. This results in a stored cross-site scripting XSS vulnerability exploitable by users abl...

GHSA-RM24-25XM-9454 Mattermost Server: Files may be rendered inline instead of downloaded, allowing script execution

An issue was discovered in Mattermost Server before 2.2.0. It allows XSS because it configures files to be opened in a browser window...

Cross-site Scripting (XSS)

Overview publifycore is a Core engine for the Publify blogging system, formerly known as Typo. Affected versions of this package are vulnerable to Cross-site Scripting XSS by uploading a specially crafted HTML file. PoC: POST /admin/resources/upload HTTP/1.1 Host: demo-publify.herokuapp.com Cooki...

WordPress plugin WP Statistics 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress WP Statistics plugin is vulnerable to a cross-site scripting vulnerability, which stems fro...

Debian DLA-3020-1 : thunderbird - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3020 advisory. Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. For Debian 9 stretch, these...

CVE-2020-4047

In affected versions of WordPress, authenticated users with upload permissions like authors are able to inject JavaScript into some media file attachment pages in a certain way. This can lead to script execution in the context of a higher privileged user when the file is viewed by them. This has...

SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2022:1748-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1748-1 advisory. - Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the...

Debian DSA-5141-1 : thunderbird - security update

The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5141 advisory. - Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99 and Firefox...

Cisco Common Services Platform Collector 跨站脚本漏洞

Cisco Common Services Platform Collector CSPC is a common services platform data collector from Cisco USA. The product analyzes network performance and identifies risks and vulnerabilities by polling basic inventory and configuration data from Cisco devices.Cisco Common Services Platform Collecto...

Cisco Common Services Platform Collector 跨站脚本漏洞

Cisco Common Services Platform Collector CSPC is a common services platform data collector from Cisco USA. The product analyzes network performance and identifies risks and vulnerabilities by polling basic inventory and configuration data from Cisco devices.Cisco Common Services Platform Collecto...

SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2022:1731-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1731-1 advisory. - Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin,...

CVE-2022-22777

The Web Server component of TIBCO Software Inc.'s TIBCO BusinessConnect Trading Community Management contains easily exploitable Reflected Cross Site Scripting XSS vulnerabilities that allow an unauthenticated attacker with network access to execute scripts targeting the affected system or the...

Aruba ClearPass Policy Manager 跨站脚本漏洞

Aruba ClearPass Policy Manager is an application of Aruba, Inc. that provides a secure access management system for wireless networks. cross-site scripting is present in Aruba ClearPass Policy Manager versions 6.10.4 and earlier, 6.9.9 and earlier, and 6.8.9-HF2 and earlier. vulnerability. An...

PT-2022-15664 · Tibco · Tibco Jasperreports Server +5

Name of the Vulnerable Software and Affected Versions: TIBCO JasperReports Server versions 8.0.1 and below TIBCO JasperReports Server - Community Edition versions 8.0.1 and below TIBCO JasperReports Server - Developer Edition versions 8.0.0 and below TIBCO JasperReports Server for AWS Marketplace...

Custom PowerShell RAT targets Germans seeking information about the Ukraine crisis

This blog post was authored by Hossein Jazi and Jérôme Segura Populations around the world—and in Europe in particular—are following the crisis in Ukraine very closely, and with events unfolding on a daily basis, people are hungry for information. Although all countries have reasons to be...

Cross-site Scripting (XSS)

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the managefiltereditpage.php. An attacker can inject arbitrary code by crafting a malicious project name. This is only exploitable if the attacker has access rights...

Cross-site Scripting (XSS)

Overview modx/revolution is a Content Management System. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the parseCustomData function in the update.class.php file. An attacker can execute arbitrary scripts in the context of a user's browser by injecting malicious...

GHSA-372Q-33VH-8MPC Inconsistent documentation in Apache Tomcat

As part of the fix for bug 61201, the documentation for Apache Tomcat 9.0.0.M22 to 9.0.1, 8.5.16 to 8.5.23, 8.0.45 to 8.0.47 and 7.0.79 to 7.0.82 included an updated description of the search algorithm used by the CGI Servlet to identify which script to execute. The update was not correct. As a...

Jenkins Groovy Plugin sandbox bypass vulnerability

Jenkins Script Security sandbox protection could be circumvented during the script compilation phase by applying AST transforming annotations such as @Grab to source code elements. Both the pipeline validation REST APIs and actual script/pipeline execution are affected. This allowed users with...