Javascript Exploits
229 exploits tracked across all sources.
Next.js < 14.2.24 - Race Condition in Pages Router via x-now-route-matches Header
Next.js is a React framework for building full-stack web applications. Versions prior to 14.2.24 and 15.1.6 have a race-condition vulnerability. This issue only affects the Pages Router under certain misconfigurations, causing normal endpoints to serve `pageProps` data instead of standard HTML. This issue was patched in versions 15.1.6 and 14.2.24 by stripping the `x-now-route-matches` header from incoming requests. Applications hosted on Vercel's platform are not affected by this issue, as the platform does not cache responses based solely on `200 OK` status without explicit `cache-control` headers. Those who self-host Next.js deployments and are unable to upgrade immediately can mitigate this vulnerability by stripping the `x-now-route-matches` header from all incoming requests at the content development network and setting `cache-control: no-store` for all responses under risk. The maintainers of Next.js strongly recommend only caching responses with explicit cache-control headers.
by hidesec
ServiceNow AI Platform - Reflected Cross-Site Scripting
ServiceNow has addressed a reflected cross-site scripting vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could result in arbitrary code being executed within the browsers of ServiceNow users who click on a specially crafted link.
ServiceNow has addressed this vulnerability by deploying a relevant security update to the majority of hosted instances. Relevant security updates also have been provided to ServiceNow self-hosted customers, partners, and hosted customers with unique configurations. Further, the vulnerability is addressed in the listed patches and hot fixes. We recommend customers promptly apply appropriate updates or upgrade if they have not already done so.
by DanielMadsenDK
ServiceNow AI Platform - Reflected Cross-Site Scripting
ServiceNow has addressed a reflected cross-site scripting vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could result in arbitrary code being executed within the browsers of ServiceNow users who click on a specially crafted link.
ServiceNow has addressed this vulnerability by deploying a relevant security update to the majority of hosted instances. Relevant security updates also have been provided to ServiceNow self-hosted customers, partners, and hosted customers with unique configuration. Further, the vulnerability is addressed in the listed patches and hot fixes. We recommend customers promptly apply appropriate updates or upgrade if they have not already done so.
by DanielMadsenDK
Google Chrome < 138.0.7204.96 - Type Confusion in V8
Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
by mistymntncop
WordPress 3.5-6.8.2 - Unauthenticated Private Post Title Exposure via Pingback XML-RPC Requests
WordPress 3.5 through 6.8.2 allows remote attackers to guess titles of private and draft posts via pingback.ping XML-RPC requests. NOTE: the Supplier is not changing this behavior.
by limmmw
CVSS 3.7
Roundcube <1.5.7, <1.6.0-1.6.7 - Info Disclosure
mod_css_styles in Roundcube through 1.5.7 and 1.6.x through 1.6.7 insufficiently filters Cascading Style Sheets (CSS) token sequences in rendered e-mail messages, allowing a remote attacker to obtain sensitive information.
by victoni
Google Chrome < 126.0.6478.54 - Arbitrary Code Execution via Malicious Extension in DevTools
Inappropriate Implementation in DevTools in Google Chrome prior to 126.0.6478.54 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: High)
by ading2210
Blink1Control2 <= 2.2.7 - Weak Password Encryption
The Blink1Control2 application <= 2.2.7 uses weak password encryption and an insecure method of storage.
by p1ckzi
CVSS 7.5
Google Chrome <78.0.3904.87 - Use After Free
Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
by Forrest Orr
CVSS 8.8
Wordpress 4.9.6 - Arbitrary File Deletion (Authenticated) (2)
by samguy
node-serialize < 0.0.4 - Remote Code Execution via Unserialize Function
An issue was discovered in the node-serialize package 0.0.4 for Node.js. Untrusted data passed into the unserialize() function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE).
by Beren Kuday GÖRÜN
CVSS 9.8
Microsoft Internet Explorer 6-11 - Remote Code Execution via SetMouseCapture Use-After-Free
Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.
by SlidingWindow
CVSS 8.8
Internet Explorer - Remote Code Execution via Scripting Engine Memory Corruption
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.
by Forrest Orr
CVSS 7.5
Firefox < 72.0.1 and Firefox ESR < 68.4.1 - Type Confusion in IonMonkey JIT Compiler
Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1.
by Forrest Orr
CVSS 8.8
Anote 1.0 Persistent Cross-Site Scripting Remote Code Execution
Anote 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to execute arbitrary code by injecting malicious payloads into markdown files stored within the application. Attackers can craft malicious markdown files with embedded JavaScript that executes system commands when opened, enabling remote code execution on the victim's computer.
by TaurusOmar
CVSS 7.2
Xmind 2020 - Stored Cross-Site Scripting via Malicious Mind Mapping File
Xmind 2020 contains a cross-site scripting vulnerability that allows attackers to inject malicious payloads into mind mapping files or custom headers. Attackers can craft malicious files with embedded JavaScript that execute system commands when opened, enabling remote code execution through mouse interactions or file opening.
by TaurusOmar
CVSS 6.1
Tagstoo 2.0.1 - Stored Cross-Site Scripting via File or Custom Tag Injection
Tagstoo 2.0.1 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious payloads through files or custom tags. Attackers can execute arbitrary JavaScript code to spawn system processes, access files, and perform remote code execution on the victim's computer.
by TaurusOmar
CVSS 5.4
StudyMD 0.3.2 - Stored Cross-Site Scripting via Markdown File Upload
StudyMD 0.3.2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts into markdown files. Attackers can upload crafted markdown files with embedded JavaScript payloads that execute when the file is opened, potentially enabling remote code execution.
by TaurusOmar
CVSS 7.2
SnipCommand 0.1.0 - Stored Cross-Site Scripting via File or Title Input
SnipCommand 0.1.0 contains a cross-site scripting vulnerability that allows attackers to inject malicious payloads into command snippets. Attackers can execute arbitrary code by embedding malicious JavaScript that triggers remote command execution through file or title inputs.
by TaurusOmar
CVSS 6.1
Moeditor 0.2.0 - Stored Cross-Site Scripting via Markdown File Upload
Moeditor 0.2.0 contains a persistent cross-site scripting vulnerability that allows attackers to store malicious payloads within markdown files. Attackers can upload specially crafted markdown files with embedded JavaScript that execute when opened, potentially enabling remote code execution on the victim's system.
by TaurusOmar
CVSS 7.2
Marky 0.0.1 - Stored Cross-Site Scripting via Crafted Markdown File Upload
Marky 0.0.1 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts into markdown files. Attackers can upload crafted markdown files with embedded JavaScript payloads that execute when the file is opened, potentially enabling remote code execution.
by TaurusOmar
CVSS 7.2
Markright 1.0 - Stored Cross-Site Scripting via Crafted Markdown Files
Markright 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to embed malicious payloads in markdown files. Attackers can upload specially crafted markdown files that execute arbitrary JavaScript when opened, potentially enabling remote code execution on the victim's system.
by TaurusOmar
CVSS 7.2
Markdownify 1.2.0 - Stored Cross-Site Scripting via Crafted Markdown File Upload
Markdownify 1.2.0 contains a persistent cross-site scripting vulnerability that allows attackers to store malicious payloads within markdown files. Attackers can upload crafted markdown files with embedded scripts that execute when the file is opened, potentially enabling remote code execution.
by TaurusOmar
CVSS 7.2
Markdown Explorer 0.1.1 - Stored Cross-Site Scripting via File Upload
Markdown Explorer 0.1.1 contains a cross-site scripting vulnerability that allows attackers to inject malicious code through file uploads and editor inputs. Attackers can upload markdown files with embedded JavaScript payloads that execute in the application's privileged renderer context, allowing code execution on the host.
by Taurus Omar
CVSS 6.1
Freeter 1.2.1 - Stored Cross-Site Scripting via Custom Widget Titles and Files
Freeter 1.2.1 contains a persistent cross-site scripting vulnerability that allows attackers to store malicious payloads in custom widget titles and files. Attackers can craft malicious files with embedded scripts that execute when victims interact with the application, potentially enabling remote code execution.
by TaurusOmar
CVSS 7.2
By Source