CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43368 – Trix has a Cross-Site Scripting (XSS) vulnerability on copy & paste
https://notcve.org/view.php?id=CVE-2024-43368
The Trix editor, versions prior to 2.1.4, is vulnerable to XSS when pasting malicious code. This vulnerability is a bypass of the fix put in place for GHSA-qjqp-xr96-cj99. In pull request 1149, sanitation was added for Trix attachments with a `text/html` content type. However, Trix only checks the content type on the paste event's `dataTransfer` object. As long as the `dataTransfer` has a content type of `text/html`, Trix parses its contents and creates an `Attachment` with them, even if the attachment itself doesn't have a `text/html` content type. • https://github.com/basecamp/trix/commit/7656f578af0d03141a72a9d27cb3692e6947dae6 https://github.com/basecamp/trix/pull/1149 https://github.com/basecamp/trix/pull/1156 https://github.com/basecamp/trix/releases/tag/v2.1.4 https://github.com/basecamp/trix/security/advisories/GHSA-qjqp-xr96-cj99 https://github.com/basecamp/trix/security/advisories/GHSA-qm2q-9f3q-2vcv • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34341 – The Trix Editor Contains an Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-34341
Trix is a rich text editor. The Trix editor, versions prior to 2.1.1, is vulnerable to arbitrary code execution when copying and pasting content from the web or other documents with markup into the editor. The vulnerability stems from improper sanitization of pasted content, allowing an attacker to embed malicious scripts which are executed within the context of the application. Users should upgrade to Trix editor version 2.1.1 or later, which incorporates proper sanitization of input from copied content. Trix es un editor de texto enriquecido. • https://github.com/basecamp/trix/commit/1a5c68a14d48421fc368e30026f4a7918028b7ad https://github.com/basecamp/trix/commit/841ff19b53f349915100bca8fcb488214ff93554 https://github.com/basecamp/trix/pull/1147 https://github.com/basecamp/trix/pull/1149 https://github.com/basecamp/trix/releases/tag/v2.1.1 https://github.com/basecamp/trix/security/advisories/GHSA-qjqp-xr96-cj99 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-36612
https://notcve.org/view.php?id=CVE-2023-36612
Directory traversal can occur in the Basecamp com.basecamp.bc3 application before 4.2.1 for Android, which may allow an attacker to write arbitrary files in the application's private directory. Additionally, by using a malicious intent, the attacker may redirect the server's responses (containing sensitive information) to third-party applications by using a custom-crafted deeplink scheme. • https://hackerone.com/reports/1710541 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1000855
https://notcve.org/view.php?id=CVE-2018-1000855
easymon version 1.4 and earlier contains a Cross Site Scripting (XSS) vulnerability in Endpoint where monitoring is mounted that can result in Reflected XSS that affects Firefox. Can be used to steal cookies, depending on the cookie settings.. This attack appear to be exploitable via The victim must click on a crafted URL that contains the XSS payload. This vulnerability appears to have been fixed in 1.4.1 and later. easymon, en versiones 1.4 y anteriores, contiene una vulnerabilidad Cross Site Scripting (XSS) en el endpoint donde se monta la monitorización. Esto puede resultar en Cross-Site Scripting (XSS) reflejado, que afecta a Firefox. • https://github.com/basecamp/easymon/issues/26 https://github.com/basecamp/easymon/pull/25 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •