CVE-2020-20093 – RTLO Injection URI Spoofing
https://notcve.org/view.php?id=CVE-2020-20093
The user interface of the Facebook Messenger app for iOS 227.0 and prior and for Android 228.1.0.10.116 and prior does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages. RTLO injection URI spoofing generator for WhatsApp, iMessage, Instagram, and Facebook Messenger.
• http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html
• https://github.com/zadewg/RIUS
CVE-2021-24044
https://notcve.org/view.php?id=CVE-2021-24044
By passing invalid JavaScript code where await and yield were called upon non-async and non-generator getter/setter functions, Hermes would invoke generator functions and error out on invalid await/yield positions. This could result in a segmentation fault as a consequence of a type confusion error, with a low chance of RCE. This issue affects Hermes versions prior to v0.10.0.
• https://www.facebook.com/security/advisories/cve-2021-24044
• CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2022-0209 – Mitsol Social Post Feed < 1.11 - Admin+ Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2022-0209
The Mitsol Social Post Feed WordPress plugin before 1.11 does not escape some of its settings before outputting them back in attributes, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
The Mitsol Social Post Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.10 due to insufficient input sanitization and output escaping on the application id parameters. This makes it possible for authenticated (admin+) attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html is disabled.
• https://wpscan.com/vulnerability/1e4af9be-5c88-4a3e-89ff-dd2b1bc131fe
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-24045
https://notcve.org/view.php?id=CVE-2021-24045
A type confusion vulnerability could be triggered when resolving the "typeof" unary operator in Facebook Hermes prior to v0.10.0. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected.
• https://github.com/facebook/hermes/commit/55e1b2343f4deb1a1b5726cfe1e23b2068217ff2
• https://www.facebook.com/security/advisories/cve-2021-24045
• CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2019-3556
https://notcve.org/view.php?id=CVE-2019-3556
HHVM supports the use of an "admin" server which accepts administrative requests over HTTP. One of those request handlers, dump-pcre-cache, can be used to output cached regular expressions from the current execution context into a file. The handler takes a parameter which specifies where on the filesystem to write this data. The parameter is not validated, allowing a malicious user to overwrite arbitrary files where the user running HHVM has write access. This issue affects HHVM versions prior to 4.56.2, all versions between 4.57.0 and 4.78.0, as well as 4.79.0, 4.80.0, 4.81.0, 4.82.0, and 4.83.0.
• https://github.com/facebook/hhvm/commit/abe0b29e4d3a610f9bc920b8be4ad8403364c2d4
• https://hhvm.com/blog/2020/11/12/security-update.html
• https://www.facebook.com/security/advisories/cve-2019-3556
• CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')