8 matches found
JupyterLab vulnerable to SXSS in Markdown Preview
Impact: The vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user can access any data that the attacked user has access to as well as perform arbitrary requests acting as the attacked user...
CVE-2023-50069
WireMock with GUI versions 3.2.0.0 through 3.0.4.0 are vulnerable to stored cross-site scripting (SXSS) through the recording feature. An attacker can host a malicious payload and perform a test mapping pointing to the attacker's file, and the result will render on the Matched page in the Body area...
CVE-2023-50069
WireMock with GUI versions 3.2.0.0 through 3.0.4.0 are vulnerable to stored cross-site scripting (SXSS) through the recording feature. An attacker can host a malicious payload and perform a test mapping pointing to the attacker's file, and the result will render on the Matched page in the Body area...
Atlassian Jira < 8.20.3 Cross-Site Scripting
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.20.3. It is, therefore, affected by a vulnerability allowing remote attackers with Roadmaps Administrator permissions to inject arbitrary HTML or JavaScript via a Stored...
CVE-2021-43945
Affected versions of Atlassian Jira Server and Data Center allow remote attackers with Roadmaps Administrator permissions to inject arbitrary HTML or JavaScript via a Stored Cross-Site Scripting (SXSS) vulnerability in the /rest/jpo/1.0/hierarchyConfiguration endpoint. The affected versions are...
CVE-2021-43945
Summary (CVE-2021-43945): Atlassian Jira Server/Data Center is affected by a Stored XSS in the /rest/jpo/1.0/hierarchyConfiguration endpoint. Remote attackers with Roadmaps Administrator permissions can inject arbitrary HTML/JavaScript through this SXSS. Affected versions are before 8.20.3; fixed...
CVE-2019-20102
The attachment-uploading feature in Atlassian Confluence Server from version 6.14.0 through version 6.14.3, and version 6.15.0 before version 6.15.5 allows remote attackers to achieve stored cross-site scripting (SXSS) via a malicious attachment with a modified mimeType parameter...
ArabPortal 2.0 Stable CrossSiteScripting
ArabPortal 2.0 Stable .. The Best Arabian Portal & Forums System The Bug Is XSS code online.php?&title=D3vil-0x1/titleXSSCODE/XSS download.php?action=byuser&userid=1&title=D3vil-0x1/titleXSSCODE/XSS /code center ^^ Secumod 0.1 Anti-XSS & SQL Injection ^^ Get It For Free !! Only 15$ And Update it...