CVE-2022-1009
The Smush WordPress plugin before 3.9.9 does not sanitise and escape a configuration parameter before outputting it back in an admin page when uploading a malicious preset configuration, leading to a Reflected Cross-Site Scripting....
The JivoChat Live Chat WordPress plugin before 1.3.5.4 does not properly check CSRF tokens on POST requests to the plugin's admin page, and does not sanitise some parameters, leading to a stored Cross-Site Scripting...
The User Meta WordPress plugin before 2.4.3 does not sanitise and escape the Form Name, as well as Shared Field Labels before outputting them in the admin dashboard when editing a form, which could...
Bottle before 0.12.20 mishandles errors during early request binding. Date published: 2022-05-29 https://github.com/bottlepy/bottle/commit/a2b0ee6bb4ce88895429ec4aca856616244c4c4c https://github.com/bottlepy/bottle/commit/e140e1b54da721a660f2eb9d58a106b7b3ff2f00
libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use. Date published: 2022-05-29 https://github.com/thorfdbg/libjpeg/commit/187035b9726710b4fe11d565c7808975c930895d https://github.com/thorfdbg/libjpeg/issues/71
Black Rainbow NIMBUS before 3.7.0 allows stored Cross-site Scripting (XSS). Date published: 2022-05-29 Corporate https://excellium-services.com/cert-xlm-advisory/CVE-2022-24967
Cross-site Scripting (XSS) – Stored in GitHub repository go-gitea/gitea prior to 1.16.9. Date published: 2022-05-29 https://huntr.dev/bounties/6336ec42-5c4d-4f61-ae38-2bb539f433d2 https://github.com/go-gitea/gitea/commit/65e0688a5c9dacad50e71024b7529fdf0e3c2e9c
Buffer Over-read in GitHub repository vim/vim prior to 8.2. Date published: 2022-05-29 https://huntr.dev/bounties/945107ef-0b27-41c7-a03c-db99def0e777 https://github.com/vim/vim/commit/4d97a565ae8be0d4debba04ebd2ac3e75a0c8010
The Master operator may be able to embed a script tag in HTML, with an alert pop-up displaying the cookie. Date published: 2022-05-27 https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0098028
The software may be vulnerable to both unauthenticated XML interaction and unauthenticated device enrollment. Date published: 2022-05-27 https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0098028
Liblouis 3.21.0 has an out-of-bounds write in compileRule in compileTranslationTable.c, as demonstrated by lou_trace. Date published: 2022-05-27 https://github.com/liblouis/liblouis/commit/ff747ec5e1ac54d54194846f6fe5bfc689192a85 https://github.com/liblouis/liblouis/issues/1214
ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based buffer overflow. Date published: 2022-05-27 https://gitlab.freedesktop.org/freetype/freetype-demos/-/issues/8
The LAN-side web configuration interface has a stack-based buffer overflow vulnerability in the D-Link Wi-Fi router firmware DIR-890L DIR890LA1_FW107b09.bin and previous versions. The function created at 0x17958 of /htdocs/cgibin will call sprintf without checking the length...
School Dormitory Management System v1.0 is vulnerable to reflected cross-site scripting (XSS) via admin/inc/navigation.php:126. Date published: 2022-05-27 https://github.com/bigzooooz/CVE-2022-30514 https://www.sourcecodester.com/php/15319/school-dormitory-management-system-phpoop-free-source-code.html