node-xss-hunter
No d...
CVE-2021-41317
XSS Hunter Express before 2021-09-17 does not properly enforce authentication requirements for paths...
MonsterInsights < 8.9.1 - Stored Cross-Site Scripting via Google Analytics
The plugin does not sanitize or escape page titles in the top posts/pages section, allowing an unauthenticated attacker to inject arbitrary web scripts into the titles by spoofing requests to Google Analytics. 1. Open a WP page with the plugin and Google Analytics installed and search for somethi...
Cross site scripting
XSS Hunter Express before 2021-09-17 does not properly enforce authentication requirements for paths...
CVE-2021-41317
CVE-2021-41317 affects XSS Hunter Express; multiple connected sources confirm a failure to enforce authentication for paths prior to 2021-09-17, enabling unauthorized access and potential client-side code exposure. CVSS v3.1 base score 9.8 (HIGH/CRITICAL scope) with network attack vector and no p...
U.S. Dept Of Defense: Blind stored XSS due to insecure contact form at https://█████.mil leads to leakage of session token and
Summary: I have discovered a blind stored cross site scripting vulnerability due to an insecure Contact form available here https://███████.mil/ This form does not properly sanitize user input allowing for the insertion and submission of dangerous characters such as angle brackets. I was able to...
QIWI: HTTP Request Smuggling on api.flocktory.com Leads to XSS on Customer Sites
HTTP Request Smuggling is a technique to desync the sequence in which HTTP requests and responses are processed. This particular vulnerability abuses the CLTE variant of HTTP Request Smuggling as described in PortSwigger's blog. The domain api.flocktory.com was found to be vulnerable to this atta...
Zomato: [www.zomato.com] Blind XSS on one of the Admin Dashboard
Thanks for the report @pandaaaa. The Blind XSS fired when the order details were viewed by the admin at the back-end. The script was injected through an API endpoint from the Zomato app on one of the parameters which was recently introduced to provide special instructions to the restaurant on how...
Zomato: [www.zomato.com] Blind XSS in one of the Admin Dashboard
@sandeephodkasia identified a Blind XSS vulnerability that fired in one of our admin dashboards. POC - @sandeephodkasia added "alert0; XSS Hunter was used in this case in address field while placing an order. - XSS triggered when one of our support agents viewed the order details. Thanks...
Ubiquiti Inc.: Stored XSS in dev-ucrm-billing-demo.ubnt.com In Client Custom Attribute
Hey, I was testing the subdomains when I came across the subdomain https://dev-ucrm-billing-demo.ubnt.com/. I logged in as an Administrator and, while testing, I added a User and in Client Custom Attribute 1 I added the payload: """"/ and saved the Client, and then on the client page i.e:...
XSS Hunter is Now Open Source – Here’s How to Set It Up!
Recently I opened up XSS Hunter for public registration. This was after publishing a post on how I used XSS Hunter to hack GoDaddy via blind XSS and pointed out that many penetration testers use a very limited alert box-based pentesting methodology which will not detect these types of issues. Aft...
GoDaddy Patches Blind XSS Vulnerability
Domain registrar GoDaddy fixed a vulnerability affecting systems used by its customer support agents that could have been abused to take over, modify or delete accounts. Researcher Matthew Bryant said that a riff on a cross-site scripting attack called a blind XSS was to blame. A GoDaddy customer...
XSS Hunter – A Modern Approach to Testing for Cross-site Scripting (XSS)
The origins of Cross-site Scripting (XSS) arguably go back to a lab at Microsoft in 1999. With the first disclosure of the issue, titled “Malicious HTML Tags Embedded in Client Web Requests”, this research sparked an entire generation of an attack that somehow still seems to persist in modern web...