
CVE-2020-13672
https://notcve.org/view.php?id=CVE-2020-13672
11 Feb 2022 — Cross-site Scripting (XSS) vulnerability in Drupal core's sanitization API fails to properly filter cross-site scripting under certain circumstances. This issue affects: Drupal Core 9.1.x versions prior to 9.1.7; 9.0.x versions prior to 9.0.12; 8.9.x versions prior to 8.9.14; 7.x versions prior to 7.80. Una vulnerabilidad de tipo Cross-site Scripting (XSS) en la API de saneo del núcleo de Drupal que no filtra apropiadamente las vulnerabilidades de tipo cross-site scripting en determinadas circunstancias. Es... • https://www.drupal.org/sa-core-2021-002 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2021-41182 – XSS in the `altField` option of the Datepicker widget
https://notcve.org/view.php?id=CVE-2021-41182
26 Oct 2021 — jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources. jQuery-UI es la biblioteca oficial de interfaz de usuario de jQuery. • https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2021-41183 – XSS in `*Text` options of the Datepicker widget
https://notcve.org/view.php?id=CVE-2021-41183
26 Oct 2021 — jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources. jQuery-UI es la biblioteca oficial de interfaz de usuario de jQuery. • https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2021-41184 – XSS in the `of` option of the `.position()` util
https://notcve.org/view.php?id=CVE-2021-41184
26 Oct 2021 — jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources. jQuery-UI es la biblioteca oficial de interfaz de usuario de jQuery. • https://github.com/gabrielolivra/Exploit-Medium-CVE-2021-41184 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2020-13662
https://notcve.org/view.php?id=CVE-2020-13662
05 May 2021 — Open Redirect vulnerability in Drupal Core allows a user to be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL. This issue affects: Drupal Drupal Core 7 version 7.70 and prior versions. Una vulnerabilidad de Redireccionamiento Abierto en Drupal Core, permite engañar a un usuario de visitar un enlace especialmente diseñado que lo redireccionaría a una URL externa arbitraria. Este problema afecta a: Drupal Drupal Core 7 versión 7.70 y versiones anteri... • https://www.drupal.org/sa-core-2020-003 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVE-2020-13666
https://notcve.org/view.php?id=CVE-2020-13666
05 May 2021 — Cross-site scripting vulnerability in Drupal Core. Drupal AJAX API does not disable JSONP by default, allowing for an XSS attack. This issue affects: Drupal Drupal Core 7.x versions prior to 7.73; 8.8.x versions prior to 8.8.10; 8.9.x versions prior to 8.9.6; 9.0.x versions prior to 9.0.6. Una vulnerabilidad de tipo cross-site scripting en Drupal Core. La API de Drupal AJAX no deshabilita JSONP por defecto, permitiendo un ataque de tipo XSS. • https://www.drupal.org/sa-core-2020-007 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2020-36193 – PEAR Archive_Tar Improper Link Resolution Vulnerability
https://notcve.org/view.php?id=CVE-2020-36193
18 Jan 2021 — Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948. El archivo Tar.php en Archive_Tar versiones hasta 1.4.11, permite operaciones de escritura con Salto de Directorio debido a una comprobación inadecuada de enlaces simbólicos, un problema relacionado al CVE-2020-28948 A flaw was found in the Archive_Tar package. Archive_Tar could allow a remote attacker to traverse directories on the system ca... • https://github.com/pear/Archive_Tar/commit/cde460582ff389404b5b3ccb59374e9b389de916 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVE-2020-13671 – Drupal core Un-restricted Upload of File
https://notcve.org/view.php?id=CVE-2020-13671
20 Nov 2020 — Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74. Drupal core no sanea apropiadamente determinados nombres de archivo en los archivos cargados, lo que puede conllevar a un... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVE-2020-28948 – Archive_Tar: allows an unserialization attack because phar: is blocked but PHAR: is not blocked
https://notcve.org/view.php?id=CVE-2020-28948
19 Nov 2020 — Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. Archive_Tar versiones hasta 1.4.10, permite un ataque de no serialización porque phar: está bloqueado pero PHAR: no está bloqueado The php-pear package contains the PHP Extension and Application Repository, a framework and distribution system for reusable PHP components. Issues addressed include file overwrite and traversal vulnerabilities. • https://github.com/0x240x23elu/CVE-2020-28948-and-CVE-2020-28949 • CWE-502: Deserialization of Untrusted Data •

CVE-2020-28949 – PEAR Archive_Tar Deserialization of Untrusted Data Vulnerability
https://notcve.org/view.php?id=CVE-2020-28949
19 Nov 2020 — Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed. Archive_Tar versiones hasta 1.4.10, presenta una desinfección del nombre de archivo :// solo para abordar los ataques phar y, por lo tanto, cualquier otro ataque de empaquetado de flujo (tal y como file:// para sobrescribir archivos) aún puede tener éxito A flaw was found in the Archive_Tar package. PEAR Archive_Tar could allo... • https://packetstorm.news/files/id/161095 • CWE-20: Improper Input Validation CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •