Total: 38513 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description
---|---|---|---|---|---|---
CVE-2023-26519 | 1 Publish To Schedule Project | 1 Publish To Schedule | 2024-11-21 | N/A | 5.9 MEDIUM | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex Benfica Publish to Schedule plugin <= 4.5.4 versions.
CVE-2023-26517 | 1 Plugin-planet | 1 Dashboard Widget Suite | 2024-11-21 | N/A | 5.9 MEDIUM | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jeff Starr Dashboard Widgets Suite plugin <= 3.2.1 versions.
CVE-2023-26515 | 1 Simple Slug Translate Project | 1 Simple Slug Translate | 2024-11-21 | N/A | 5.9 MEDIUM | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ko Takagi Simple Slug Translate plugin <= 2.7.2 versions.
CVE-2023-26491 | 1 Rsshub | 1 Rsshub | 2024-11-21 | N/A | 5.4 MEDIUM | RSSHub is an open source and extensible RSS feed generator. When the URL parameters contain certain special characters, it returns an error page that does not properly handle XSS vulnerabilities, allowing for the execution of arbitrary JavaScript code. Users who access the deliberately constructed URL are affected. This vulnerability was fixed in version c910c4d28717fb860fbe064736641f379fab2c91. Please upgrade to this or a later version; there are no known workarounds.
CVE-2023-26487 | 2 Vega-functions Project, Vega Project | 2 Vega-functions, Vega | 2024-11-21 | N/A | 6.5 MEDIUM | Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. The `lassoAppend` function accepts 3 arguments and internally invokes the `push` function on the 1st argument, passing an array consisting of the 2nd and 3rd arguments as the `push` call argument. The type of the 1st argument is supposed to be an array, but this is not enforced. This makes it possible to specify any object with a `push` function as the 1st argument, and `push` can be set to any function that can be accessed via `event.view` (not all such functions can be exploited due to invalid context or signature, but some can, e.g. `console.log`). The issue is that `lassoAppend` doesn't enforce proper types of its arguments. This issue opens various XSS vectors, but exact impact and severity depend on the environment (e.g. the Core JS `setImmediate` polyfill basically allows `eval`-like functionality). This issue was patched in 5.23.0.
CVE-2023-26486 | 2 Vega-functions Project, Vega Project | 2 Vega-functions, Vega | 2024-11-21 | N/A | 6.5 MEDIUM | Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. The Vega `scale` expression function has the ability to call arbitrary functions with a single controlled argument. The scale expression function passes a user-supplied argument group to getScale, which is then used as if it were an internal context. The context.scales[name].value is accessed from group and called as a function back in scale. This can be exploited to escape the Vega expression sandbox in order to execute arbitrary JavaScript. This issue has been fixed in version 5.13.1.
CVE-2023-26480 | 1 Xwiki | 1 Xwiki | 2024-11-21 | N/A | 8.9 HIGH | XWiki Platform is a generic wiki platform. Starting in version 12.10, a user without script rights can introduce a stored cross-site scripting by using the Live Data macro. This has been patched in XWiki 14.9, 14.4.7, and 13.10.10. There are no known workarounds.
CVE-2023-26465 | 1 Pega | 1 Pega Platform | 2024-11-21 | N/A | 6.1 MEDIUM | Pega Platform versions 7.2 to 8.8.1 are affected by an XSS issue.
CVE-2023-26457 | 1 Sap | 1 Content Server | 2024-11-21 | N/A | 6.1 MEDIUM | SAP Content Server version 7.53 does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability. After successful exploitation, an attacker can read and modify some sensitive information but cannot delete the data.
CVE-2023-26456 | 1 Open-xchange | 1 Ox Guard | 2024-11-21 | N/A | 5.4 MEDIUM | Users were able to set an arbitrary "product name" for OX Guard. The chosen value was not sufficiently sanitized before processing it at the user interface, allowing for indirect cross-site scripting attacks. Accounts that were temporarily taken over could be configured to trigger persistent code execution, allowing an attacker to build a foothold. Sanitization is in place for product names now. No publicly available exploits are known.
CVE-2023-26450 | 1 Open-xchange | 1 Open-xchange Appsuite Frontend | 2024-11-21 | N/A | 5.4 MEDIUM | The "OX Count" web service did not specify a media-type when processing responses from external resources. Malicious script code can be executed within the victim's context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the user's account or lure a user to a compromised account. We are now defining the accepted media-type to avoid code execution. No publicly available exploits are known.
CVE-2023-26449 | 1 Open-xchange | 1 Open-xchange Appsuite Frontend | 2024-11-21 | N/A | 5.4 MEDIUM | The "OX Chat" web service did not specify a media-type when processing responses from external resources. Malicious script code can be executed within the victim's context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the user's account or lure a user to a compromised account. We are now defining the accepted media-type to avoid code execution. No publicly available exploits are known.
CVE-2023-26448 | 1 Open-xchange | 1 Open-xchange Appsuite Frontend | 2024-11-21 | N/A | 5.4 MEDIUM | Custom log-in and log-out locations are user-defined as jslob but were not checked for malicious protocol handlers. Malicious script code can be executed within the victim's context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the user's account or lure a user to a compromised account. We now sanitize jslob content for those locations to avoid redirects to malicious content. No publicly available exploits are known.
CVE-2023-26447 | 1 Open-xchange | 1 Open-xchange Appsuite Frontend | 2024-11-21 | N/A | 5.4 MEDIUM | The "upsell" widget for the portal allows a product description to be specified. This description, taken from a user-controllable jslob, did not get escaped before being added to the DOM. Malicious script code can be executed within the victim's context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the user's account or lure a user to a compromised account. We now sanitize jslob content. No publicly available exploits are known.
CVE-2023-26446 | 1 Open-xchange | 1 Open-xchange Appsuite Frontend | 2024-11-21 | N/A | 5.4 MEDIUM | The user's clientID at "application passwords" was not sanitized or escaped before being added to the DOM. Malicious script code can be executed within the victim's context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the user's account or lure a user to a compromised account. We now sanitize the user-controllable clientID parameter. No publicly available exploits are known.
CVE-2023-26445 | 1 Open-xchange | 1 Open-xchange Appsuite Frontend | 2024-11-21 | N/A | 5.4 MEDIUM | Frontend themes are defined by user-controllable jslob settings and could point to a malicious resource which gets processed during login. Malicious script code can be executed within the victim's context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the user's account or lure a user to a compromised account. We now sanitize the theme value and use a default fallback if no theme matches. No publicly available exploits are known.
CVE-2023-26316 | 1 Mi | 1 Xiaomi Cloud | 2024-11-21 | N/A | 6.1 MEDIUM | An XSS vulnerability exists in the Xiaomi cloud service Application product. The vulnerability is caused by Webview's whitelist checking function allowing the javascript protocol to be loaded, and can be exploited by attackers to steal Xiaomi cloud service account cookies.
CVE-2023-26292 | 1 Forcepoint | 2 Cloud Security Gateway, Web Security | 2024-11-21 | N/A | 6.1 MEDIUM | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security Cloud (login_submit.mhtml modules), Forcepoint Web Security Portal on Hybrid (login_submit.mhtml modules) allows Reflected XSS. This issue affects Cloud Security Gateway (CSG): before 03/29/2023; Web Security: before 03/29/2023.
CVE-2023-26291 | 1 Forcepoint | 2 Cloud Security Gateway, Web Security | 2024-11-21 | N/A | 6.1 MEDIUM | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security Cloud (login_form.mhtml modules), Forcepoint Web Security Portal on Hybrid (login_form.mhtml modules) allows Reflected XSS. This issue affects Cloud Security Gateway (CSG): before 03/29/2023; Web Security: before 03/29/2023.
CVE-2023-26290 | 1 Forcepoint | 2 Cloud Security Gateway, Web Security | 2024-11-21 | N/A | 6.1 MEDIUM | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security Cloud (login_reset_request.mhtml modules), Forcepoint Web Security Portal on Hybrid (login_reset_request.mhtml modules) allows Reflected XSS. This issue affects Cloud Security Gateway (CSG): before 03/29/2023; Web Security: before 03/29/2023.