![]() ![]() (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments. Attackers may perform XSS attacks via the inode, identifier, or fieldName parameter in html/js/dotcms/dijit/image/image_tool.jsp. By sending users an infected URL, code will be executed.Īn issue was discovered in Dotcms through 5.0.3. ![]() Since there is an user/admin login interface, it's possible for attackers to steal sessions of users and thus admin(s). The affected function is its search engine (the t parameter to the /search URI). Reservo Image Hosting 1.6 is vulnerable to XSS attacks. PHP Scripts Mall Image Sharing Script 1.3.3 has XSS via the Full Name field in an Edit Profile action. This is fixed in 3.3.1.Īn XSS vulnerability (via an SVG image) in Tiki before 18 allows an authenticated user to gain administrator privileges if an administrator opens a wiki page with a malicious SVG image, related to lib/filegals/filegallib.php. The htmlImageAddTitleAttribute function in sige.php in the Kubik-Rubik Simple Image Gallery Extended (SIGE) extension 3.2.3 for Joomla! has XSS via a crafted image header, as demonstrated by the Caption-Abstract header object in a JPEG file. ![]() There is persistent XSS via image names in titles, as demonstrated by a screenshot.Ĭross-site scripting (XSS) vulnerability in the Enhanced Image (aka image2) plugin for CKEditor (in versions 4.5.10 through 4.9.1 fixed in 4.9.2), as used in Drupal 8 before 8.4.7 and 8.5.x before 8.5.2 and other products, allows remote attackers to inject arbitrary web script through a crafted IMG element.Ĭross-site scripting (XSS) vulnerability in the gallery function in Alkacon OpenCMS 10.5.3 allows remote attackers to inject arbitrary web script or HTML via a malicious SVG image. Quest KACE Systems Management Appliance Server Center 9.1.317 has an XSS vulnerability (via an SVG image and HTML file) that allows an authenticated user to execute arbitrary JavaScript in an administrator's browser.Īn issue was discovered in app/webroot/js/misp.js in MISP before 2.4.107. NOTE: It is asserted that an attacker must have the same access rights as the user in order to be able to execute the vulnerability. The JavaScript code is executed during attachments/edit/$file_id$ attachment editing. ** DISPUTED ** Firefly III before 4.7.17.3 is vulnerable to stored XSS due to lack of filtration of user-supplied data in image file names. The JavaScript code is executed during attachments/view/$file_id$ attachment viewing. ** DISPUTED ** Firefly III before 4.7.17.3 is vulnerable to stored XSS due to lack of filtration of user-supplied data in image file content. OX App Suite through 8.2 allows XSS because BMFreehand10 and image/x-freehand are not blocked.Īuthenticated (author or higher user role) Persistent Cross-Site Scripting (XSS) vulnerability in Image Slider by NextCode plugin Add Article" screen.ĬMS Made Simple (CMSMS) 2.2.11 allows stored XSS by an admin via a crafted image filename on the "file manager > upload images" screen.īolt before 3.6.10 has XSS via an image's alt or title field. The administrator can choose to allow only image, video, and audio files (i.e., not PDF) if desired. NOTE: the project documentation suggests that a user with the Media Library "Create (upload)" permission is supposed to be able to upload PDF files containing JavaScript, and that all files in a public assets folder are accessible to the outside world (unless the filename begins with a dot character). ** DISPUTED ** An unrestricted file upload vulnerability in the Add New Assets function of Strapi 4.1.12 allows attackers to conduct XSS attacks via a crafted PDF file. Jenkins Image Tag Parameter Plugin 1.10 and earlier does not escape the name and description of Image Tag parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. ![]() As a workaround, cached content can be cleared by re-deploying the site. This problem has been fixed in version 1.2.3. The image URL can be set in the header independently of the request URL, meaning any site images that have not previously been cached can have their cache poisoned. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Continuous Image Carousel With Lightbox plugin ` tags, as scripts do not execute in this context. ChurchCRM v4.5.4 is vulnerable to Reflected Cross-Site Scripting (XSS) via image file.Ī stored cross-site scripting (XSS) vulnerability in alkacon-OpenCMS v11.0.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field under the Upload Image module. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |