CVE-2021-41182 – XSS in the `altField` option of the Datepicker widget
https://notcve.org/view.php?id=CVE-2021-41182
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources. jQuery-UI es la biblioteca oficial de interfaz de usuario de jQuery. • https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released https://github.com/jquery/jquery-ui/pull/1954/commits/6809ce843e5ac4128108ea4c15cbc100653c2b63 https://github.com/jquery/jquery-ui/security/advisories/GHSA-9gj3-hwp5-pmwc https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3 https://lists.fedoraproj • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-41183 – XSS in `*Text` options of the Datepicker widget
https://notcve.org/view.php?id=CVE-2021-41183
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources. jQuery-UI es la biblioteca oficial de interfaz de usuario de jQuery. • https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released https://bugs.jqueryui.com/ticket/15284 https://github.com/jquery/jquery-ui/pull/1953 https://github.com/jquery/jquery-ui/security/advisories/GHSA-j7qv-pgf6-hvh4 https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3 https://list • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-40690 – Bypass of the secureValidation property
https://notcve.org/view.php?id=CVE-2021-40690
All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element. Todas las versiones de Apache Santuario - XML Security for Java anteriores a 2.2.3 y 2.1.7 son vulnerables a un problema donde la propiedad "secureValidation" no es pasada correctamente cuando es creado un KeyInfo a partir de un elemento KeyInfoReference. Esto permite a un atacante abusar de una transformación XPath para extraer cualquier archivo local .xml en un elemento RetrievalMethod • https://lists.apache.org/thread.html/r3b3f5ba9b0de8c9c125077b71af06026d344a709a8ba67db81ee9faa%40%3Ccommits.tomee.apache.org%3E https://lists.apache.org/thread.html/r401ecb7274794f040cd757b259ebe3e8c463ae74f7961209ccad3c59%40%3Cissues.cxf.apache.org%3E https://lists.apache.org/thread.html/r8848751b6a5dd78cc9e99d627e74fecfaffdfa1bb615dce827aad633%40%3Cdev.santuario.apache.org%3E https://lists.apache.org/thread.html/r8a5c0ce9014bd07303aec1e5eed55951704878016465d3dae00e0c28%40%3Ccommits.tomee.apache.org%3E https://lists.apache.org/thread.html/r9c100d53c84d54cf71975e3f0cfcc2856a8846554a04c99390156ce4% • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2021-2351 – Oracle Database Weak NNE Integrity Key Derivation
https://notcve.org/view.php?id=CVE-2021-2351
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Advanced Networking Option, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Advanced Networking Option. • http://packetstormsecurity.com/files/165255/Oracle-Database-Protection-Mechanism-Bypass.html http://packetstormsecurity.com/files/165258/Oracle-Database-Weak-NNE-Integrity-Key-Derivation.html http://seclists.org/fulldisclosure/2021/Dec/19 http://seclists.org/fulldisclosure/2021/Dec/20 https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpujan2023.html https://www.oracle.com/security-alerts/cpujul2021.html https: • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-384: Session Fixation •
CVE-2021-35043
https://notcve.org/view.php?id=CVE-2021-35043
OWASP AntiSamy before 1.6.4 allows XSS via HTML attributes when using the HTML output serializer (XHTML is not affected). This was demonstrated by a javascript: URL with : as the replacement for the : character. OWASP AntiSamy versiones anteriores a 1.6.4, permite un ataque de tipo XSS por medio de atributos HTML cuando se usa el serializador de salida HTML (XHTML no está afectado). Esto fue demostrado por un javascript: URL con : como reemplazo del carácter • https://github.com/nahsra/antisamy/pull/87 https://github.com/nahsra/antisamy/releases/tag/v1.6.4 https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpujul2022.html https://www.oracle.com/security-alerts/cpuoct2021.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •