127 matches found
How should <selectedoption> work?
We're finally getting a way to fully style & customise elements! But there's a detail I'd like everyone's opinion on. Update: Your feedback was heard, and folks have agreed to change the behaviour here. See the update below. A brief intro to customisable If you want to hear about it in depth, I...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS due to missing sanitization of the spreadsheet styling information, via the \PhpOffice\PhpSpreadsheet\Writer\Html component. PoC php loadDIR . '/book.xlsx'; $writer = new...
PT-2024-31397 · Phpoffice · Phpspreadsheet
Name of the Vulnerable Software and Affected Versions: PHPSpreadsheet versions prior to 2.1.0 Description: The issue concerns the PhpOfficePhpSpreadsheetWriterHtml component, which fails to sanitize spreadsheet styling information, such as font names. This allows an attacker to inject arbitrary...
Malicious code in styling (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-6052 Malicious code in styling (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Testimonial Slider < 2.3.8 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup 1. Go to "Testimonial Shortcode" 2. Ad...
BIT-GITLAB-2022-1416
Missing sanitization of data in Pipeline error messages in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 allows for rendering of attacker controlled HTML tags and CSS styling...
GitLab 1.0.2 < 14.8.6 / 14.9.0 < 14.9.4 / 14.10.0 < 14.10.1 (CVE-2022-1416)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Missing sanitization of data in Pipeline error messages in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0...
SUSE CVE-2023-6707
Use after free in CSS in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2023-27633
Cross-Site Request Forgery CSRF vulnerability in Pixelgrade Customify – Intuitive Website Styling plugin = 2.10.4 versions...
CVE-2023-27633 WordPress Customify Plugin <= 2.10.4 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Pixelgrade Customify – Intuitive Website Styling plugin = 2.10.4 versions...
CVE-2023-27633
The CVE-2023-27633 entry concerns the WordPress plugin Customify (Pixelgrade) with a CSRF vulnerability in versions
WordPress Plugin Customify Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
CVE-2023-41339
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The WMS specification defines an sld= parameter for GetMap, GetLegendGraphic and GetFeatureInfo operations for user supplied "dynamic styling". Enabling the use of dynamic styles,...
Server side request forgery (ssrf)
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The WMS specification defines an sld= parameter for GetMap, GetLegendGraphic and GetFeatureInfo operations for user supplied "dynamic styling". Enabling the use of dynamic styles,...
CVE-2023-41339 Unsecured WMS dynamic styling sld=<url> parameter affords blind unauthenticated SSRF in GeoServer
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The WMS specification defines an sld= parameter for GetMap, GetLegendGraphic and GetFeatureInfo operations for user supplied "dynamic styling". Enabling the use of dynamic styles,...
CVE-2023-41339
GeoServer exposes a Server-Side Request Forgery (SSRF) risk via the dynamic styling parameter sld= in GetMap/GetLegendGraphic/GetFeatureInfo when URL checks are not configured. The vulnerability enables an attacker to cause the server to fetch external resources, potentially capturing NetNTLMv2 h...
Unsecured WMS dynamic styling sld=<url> parameter affords blind unauthenticated SSRF
Summary The WMS specification defines an sld= parameter for GetMap, GetLegendGraphic and GetFeatureInfo operations for user supplied "dynamic styling". Enabling the use of dynamic styles, without also configuring URL checks, provides the opportunity for Service Side Request Forgery. It is possibl...
GHSA-CQPC-X2C6-2GMF Unsecured WMS dynamic styling sld=<url> parameter affords blind unauthenticated SSRF
Summary The WMS specification defines an sld= parameter for GetMap, GetLegendGraphic and GetFeatureInfo operations for user supplied "dynamic styling". Enabling the use of dynamic styles, without also configuring URL checks, provides the opportunity for Service Side Request Forgery. It is possibl...
PT-2023-27915 · Geoserver · Geoserver
Name of the Vulnerable Software and Affected Versions: GeoServer versions prior to 2.22.5 GeoServer versions prior to 2.23.2 GeoServer version 2.10.3 GeoServer version 2.11.1 Description: The issue concerns the use of dynamic styles in GeoServer, which can lead to Service Side Request Forgery. Th...