CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30192 – WordPress Pinterest Plugin <= 1.8.2 - Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2024-30192
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GS Plugins GS Pins for Pinterest allows Stored XSS.This issue affects GS Pins for Pinterest: from n/a through 1.8.2. La vulnerabilidad de neutralización inadecuada de la entrada durante la generación de páginas web ("cross-site Scripting") en GS Plugins GS Pins for Pinterest permite XSS almacenado. Este problema afecta a GS Pins para Pinterest: desde n/a hasta 1.8.2. The WordPress Pinterest Plugin – Make a Popup, User Profile, Masonry and Gallery Layout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in all versions up to, and including, 1.8.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://patchstack.com/database/vulnerability/gs-pinterest-portfolio/wordpress-pinterest-plugin-1-8-2-cross-site-scripting-xss?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28251 – Cross-site websocket hijacking in Querybook
https://notcve.org/view.php?id=CVE-2024-28251
Querybook is a Big Data Querying UI, combining collocated table metadata and a simple notebook interface. Querybook's datadocs functionality works by using a Websocket Server. The client talks to this WSS whenever updating/deleting/reading any cells as well as for watching the live status of query executions. Currently the CORS setting allows all origins, which could result in cross-site websocket hijacking and allow attackers to read/edit/remove datadocs of the user. This issue has been addressed in version 3.32.0. • https://github.com/pinterest/querybook/pull/1425 https://github.com/pinterest/querybook/security/advisories/GHSA-5349-j4c9-x767 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27103 – Querybook Stored Cross-Site Scripting allows Privilege Elevation
https://notcve.org/view.php?id=CVE-2024-27103
Querybook is a Big Data Querying UI. When a user searches for their queries, datadocs, tables and lists, the search result is marked and highlighted, and this feature uses dangerouslySetInnerHTML which means that if the highlighted result has an XSS payload it will trigger. While the input to dangerouslySetInnerHTML is not sanitized for the data inside of queries which leads to an XSS vulnerability. During the "query auto-suggestion" the name of the suggested tables are set with innerHTML which leads to the XSS vulnerability. A patch to rectify this issue has been introduced in Querybook version 3.31.2. • https://github.com/pinterest/querybook/commit/449bdc9e7d679e042c3718b7ed07d2ffa3c46a8f https://github.com/pinterest/querybook/security/advisories/GHSA-3hjm-9277-5c88 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-26148 – Querybook's Stored Cross-Site Scripting vulnerability allows Privilege Elevation
https://notcve.org/view.php?id=CVE-2024-26148
Querybook is a user interface for querying big data. Prior to version 3.31.1, there is a vulnerability in Querybook's rich text editor that enables users to input arbitrary URLs without undergoing necessary validation. This particular security flaw allows the use of `javascript:` protocol which can potentially trigger arbitrary client-side execution. The most extreme exploit of this flaw could occur when an admin user unknowingly clicks on a cross-site scripting URL, thereby unintentionally compromising admin role access to the attacker. A patch to rectify this issue has been introduced in Querybook version `3.31.1`. • https://github.com/pinterest/querybook/commit/bc620dabaaf13ff1dcb30af0b46a490403fb9908 https://github.com/pinterest/querybook/pull/1412 https://github.com/pinterest/querybook/security/advisories/GHSA-fh6g-gvvp-587f • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46151 – Reflected XSS
https://notcve.org/view.php?id=CVE-2022-46151
Querybook is an open source data querying UI. In affected versions user provided data is not escaped in the error field of the auth callback url in `querybook/server/app/auth/oauth_auth.py` and `querybook/server/app/auth/okta_auth.py`. This may allow attackers to perform reflected cross site scripting (XSS) if Content Security Policy (CSP) is not enabled or `unsafe-inline` is allowed. Users are advised to upgrade to the latest, patched version of querybook (version 3.14.2 or greater). Users unable to upgrade may enable CSP and not allow unsafe-inline or manually escape query parameters in a reverse proxy. • https://github.com/pinterest/querybook/commit/88a7f10495bf5ed1a556ade51a2f2794e403c063 https://github.com/pinterest/querybook/security/advisories/GHSA-mrrw-9wf7-xq6w • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •