poc

High-Severity TinyMCE Cross-Site Scripting Flaw Fixed

  • 0
  • 0
  • 28

The cross-site scripting flaw could enable arbitrary code execution, information disclosure – and e="c5-meta-li-comment cl5-me1; andrg2rts_thumb_blog_2_>

High-Severity TinyMCE Cross-Site

A low-privileged process on a vuln clp cly-flaw/">[ ts Surfacess good or bad? Why ials enJoky- eal">

Researchers have discovered freelTwocoulof-of-[ Reals enmaj

Researchers have discovered freely move urfaces5-metaecurityg anev>[ withiesy hor ss="r>

The cross-site scripting flaw couA bug imp>

A low-privileged procesered freely findd freelTwocoulof-o a trock unpat2rts advantpdivofaw/">reetini>

The cross-site scriptingopss= ptaetrve urf-ms sddresa breritofaw/"ir own. Hurfais haoSoj>mrts meta-you pta-ms badopnotchgeting-apa>

3131

31

31 class="menu-ite

">
"> < pla_dat="m-postwidgein"e_al_widgeinwidgei_ plac>ts_blog-2 c5ab plawidgei > ingHigh-Slio.co0475at8211etspective-opsivejs"alue="" pla/'http://ww"> l/
c://ww> < pla_4t="m-postwidgein"e_al_widgeinwidgei_ plac>ts_blog-2 c5ab plawidgei > c://ww>(funhor s() { .twittemc4wp = .twittemc4wp || { lis xpls: [], 8211s: { on: funhor s(evt, cb) { .twittemc4wp.lis xpls.push(iv cla{iv clasl5-mt : evt,iv classt lback: cbiv cla}iv cl); cla}iv }iv} })(); c://ww><6.0 Mieschimpy flaWord>v4.8.1 - m/vulneraord" " > plugins/mieschimp p wp/emLion="htix" rc4wp p mu-sc-nav clrc4wp p m rc4wp p mu2254t=tps://wwliketitle=">

7/05apachle ret-youtr vul/> classSubc://beyTo Ou Nachle ret!law6> pup tent" sfolent & Compliance Professionals - Opsfolio" src="https://www.opsfolio.com/wp-content/uploads/2017/04/Opsfolio-community-sm5/ pup e P.jpul/> pup learfix"> e cross-snerab ten sfolent & Compliance Professionals - Opsfolio" src="https://www.opsfolio.com/wp-content/uploads/2017/04/Opsfolio-community-sm5/lity_Center-1.cal1.png">340x82-475x82r vul/> p> e>Ws m13,-youaw/">brabild="mainurfaities" src="hitors=" ject-to-si.s="ay –ed! p> e> ten ss" value=""emiesceholderEMAILclass="header-sEmiescerequiC co/e="s" value="" fa-seaSearch" Sign0-0t">< p> "clearfix" >Levailkecomfirld emp="hif-you'u<"Search" 2254t=/e="s" value=""hiddenceholder_rc4wp_8211"em"><"Search" rc4wp p mu-sc/>

< 6.0 / Mieschimpy flaWord>PluginemList ="c5ab_p"> ts_blog-2 c5abdiscphpwidgei > log-2 c5abed freitofil tent"k--> "> tent"k--> "h4>C/" clalaw4> tent"k--> " tent"k--> tent"k--> me"en ss" va"col-sm-laschk schk"alue=""checkboxceholders - Opsfol"Search" s - Opsfol"> tent"k--> ls - Opsfoli tent"k--> nu-it tent"k--> tent"k--> me"en ss" va"col-sm-laschk schk"alue=""checkboxceholdersities" src=""Search" sities" src=""> tent"k--> lsities" src="h tent"k--> nu-it tent"k--> tent"k--> me"en ss" va"col-sm-laschk schk"alue=""checkboxceholderHeenthcarl"Search" Heenthcarl"> tent"k--> lHeenthcarlh tent"k--> nu-it tent"k--> tent"k--> me"en ss" va"col-sm-laschk schk"alue=""checkboxceholderH/a>

  • tent"k--> lH/a>
  • nu-it tent"k--> tent"k--> me"en ss" va"col-sm-laschk schk"alue=""checkboxceholder
    • <"Search" <"> tent"k--> l nu-it tent"k--> tent"k--> me"en ss" va"col-sm-laschk schk"alue=""checkboxceholdera> tent"k--> la> nu-it tent"k--> tent"k--> me"en ss" va"col-sm-laschk schk"alue=""checkboxceholderataetrve urfT class"Search" ataetrve urfT class"> tent"k--> lataetrve urfT classh tent"k--> nu-it tent"k--> tent"k--> me"en ss" va"col-sm-laschk schk"alue=""checkboxceholderli>
  • tent"k--> lli>
  • nu-it tent"k--> tent"k--> me"en ss" va"col-sm-laschk schk"alue=""checkboxceholderThird Par="hompliance Profe"Search" Third Par="hompliance Profe"> tent"k--> lThird Par="hompliance Profeh tent"k--> nu-it tent"k--> -> nu tent"k--> > n> tent"k--> "h4>Aging law4> tent"k--> " -> tent"k--> me"en ss" va"col-sm-lchk schk"aalue=""checkboxceholderAccio earch- Groun"Search" 390"> tent"k--> lAccio earch- Grounh tent"k--> nu-it tent"k--> tent"k--> me"en ss" va"col-sm-lchk schk"aalue=""checkboxceholderAndrew Payn "Search" 340"> tent"k--> lAndrew Payn h tent"k--> nu-it tent"k--> tent"k--> me"en ss" va"col-sm-lchk schk"aalue=""checkboxceholderAnna Kucirkova"Search" 388"> tent"k--> lAnna Kucirkovah tent"k--> nu-it tent"k--> tent"k--> me"en ss" va"col-sm-lchk schk"aalue=""checkboxceholderAl idn J S-seh"Search" 376"> tent"k--> lAl idn J S-sehh tent"k--> nu-it tent"k--> tent"k--> me"en ss" va"col-sm-lchk schk"aalue=""checkboxceholderDavid Balaban"Search" 358"> tent"k--> lDavid Balabanh tent"k--> nu-it tent"k--> tent"k--> me"en ss" va"col-sm-lchk schk"aalue=""checkboxceholderKaylubjetth> tent"k--> lKaylubjetth> nu-it tent"k--> tent"k--> me"en ss" va"col-sm-lchk schk"aalue=""checkboxceholderC xreis Levi> tent"k--> lC xreis Levi> nu-it tent"k--> tent"k--> me"en ss" va"col-sm-lchk schk"aalue=""checkboxceholderRema Deo"Search" 341"> tent"k--> llema Deoh tent"k--> nu-it tent"k--> tent"k--> me"en ss" va"col-sm-lchk schk"aalue=""checkboxceholderSavaramllivi>dra"Search" 348"> tent"k--> lSavaramllivi>drah tent"k--> nu-it tent"k--> tent"k--> me"en ss" va"col-sm-lchk schk"aalue=""checkboxceholderVery> lVery> nu-it tent"k--> tent"k--> me"en ss" va"col-sm-lchk schk"aalue=""checkboxceholder pt:winearch" .op tent"k--> l pt:wh tent"k--> nu-it tent"k--> tent"k--> me"en ss" va"col-sm-lchk schk"aalue=""checkboxceholder ikh Adil Gulinearch" 8"> tent"k--> lS ikh Adil Gulh tent"k--> nu-it tent"k--> - > nu tent"k--> > - > c://ww> jQuery(funhor s() { > var url = .twittelocve ur.lio.;- > if(url == 'm/vulnerability-center/poclassibutorgeting-a'){ > yg aoutParam(); > } > > funhor s yg aoutParam(){ > jQuery.ajax({ > url: 'oclassibutorgsoft&/', > lue=: 'POST', > tle=: {}, > succhin:funhor s(class=" ) > { > $(".hd_tab1").html(class=" ); } }); > } }); jQuery(".schk").w.ope(funhor s(){ ="2020= jQuery(keco).="2(); > var s="cVal0= jQuery('.-lchk:checked').="2(); > var slval0= []; > jQuery('.-lchk:checked').ul> (funhor s(i){ > slval[i]0= jQuery(keco).="2(); > }); > var smpllue=val0= jQuery('.-laschk:checked').="2(); > var lue=val0= []; > jQuery('.-laschk:checked').ul> (funhor s(i){ > lue=val[i]0= $(keco).="2(); > }); - > > if(smpllue=val0== null) > { > locve ur.lio.0= om/category/security-breachlassibutorgeting-a?slval="+slval; } else if(s="cVal0== null) > { > locve ur.lio.0= om/category/security-breachlassibutorgeting-a?slas="+lue=val; } else{ > locve ur.lio.0= om/category/security-breachlassibutorgeting-a?slas="+lue=val+"&slval="+slval; } }); jQuery(funhor s() {- > > funhor s getParameng-(param) {- > > var params = .twittelocve ur.ed fre.=ubctr(1).split('&'); ---------- fla(var i = 0; i < params.length; i++) {- > >var p=params[i].split('='); ----------if (p[0]0== param) { ----------Shah ontin(p[1]); ----------} > ---} > } if((.twittelocve ur.lio..tndexOf('slas') > -1) || (.twittelocve ur.lio..tndexOf('slval') > -1)) { > var smpllu0= []; > var sllue=0= []; > var smpllue=V"2020= getParameng-('slas') ; > var s="cVal0200000= getParameng-('slval') ; > if(smpllue=V"202) > var smpllu0= smpllue=V"202.split(','); > if(s="cVal02) > var sllue=0= s="cVal02.split(','); > -- fla(i = 0; i < smpllu.length; i++) { > if(smpllu.tndexOf(smpllu[i]) != -1) > { > --jQuery('ss" v.-laschk[earch" '+ smpllu[i] +'"]').ett-('checked', tr02); > } } > -- fla(i = 0; i < sllue=.length; i++) { > if(sllue=.tndexOf(sllue=[i]) != -1) > { > jQuery('ss" v.-lchk[earch" '+ sllue=[i] +'"]').ett-('checked', tr02); > } } > jQuery.ajax({ > url: 'oclassibutorgsoft&/', > lue=: 'POST', > // tle=: {s="cVal02:sllue=}, > tle=: {smpllue=V"202: smpllu, s="cVal02:sllue=}, > succhin:funhor s(class=" ) > { > jQuery(".hd_tab1").html(class=" ); > } }); >} > funhor s getParameng-(param) {- > var params = .twittelocve ur.ed fre.=ubctr(1).split('&'); --- fla(var i = 0; i < params.length; i++) > { > var p=params[i].split('='); ------if (p[0]0== param) { -----Shah ontin(p[1]); -----} } > //Shah ="c5ab_p"> < pla_3t="m-postwidgein"e_al_widgeinwidgei_ plac>ts_blog-2 c5ab plawidgei > log-c="httpbackground-color: #3867a4; > borttonbottom: 4px sityd #555; > umbnail: 2.2rem 1rem; box-sizail: borttonbox;"> e-c="httpfosimpiz2: 1.6rem; > lpla_/div>: proper; ma Micnbottom: 0; xclashe : 1.2;"> a-c="httpcolor: #fff;fosimwe : 400; > lpla_de-srve ur: ogra;folio.com/vulnerability-center/powrc=e flune-mSfa-se /sparc5ab_="me p> "clear ="c5ab_p"> c://ww> > jQuery(".btn-mo").tent(pdisors]d",false); > c://ww> > nEigh-Sllue="" pla/'http://ww"> > funhor s mo_openid_on_cs=" nt_reitge(checkbox){ > if (! checkbox.checked) { > jQuery('#mo_openid_cs=" nt_reeckbox').="2(1); > jQuery(".btn-mo").ett-(pdisors]d", tr02); > jQuery(".loMic- ").eddCm-po(pdis"); > } else { > jQuery('#mo_openid_cs=" nt_reeckbox').="2(0); > jQuery(".btn-mo").ett-(pdisors]d", false); > jQuery(".loMic- ").Cro>veCm-po(pdis"); > } } > > var perfEassies = perf211;nce.geiEassiesByTue=(igation-shor); > > if (perfEassies[0].lue=0=== pback_821ward") { > locve ur.recomm(tr02); > } > funhor s HandleP pupResult(clault) { > .twittelocve ur0= o"; > } > funhor s moOpenIdLoMic(app_hold,is_ildren_app) { > var var var d0= newre Se(); > d.edtTime(d.geiTime() + (2 * 24 * 60 * 60 * 1000)); > var expires = "expires="+d.toUTCSssing(); > docuo-si. > var base_url = 'm/vulnerability-center/p'; > var reques _uri = 'oc-e">

    var m/vu = 'm/vulner'; > var m/vu_hd eT= 'ability-center/p'; > var default_nouloT= '199b36086d'; > var ildren_nouloT= 'cf5fce4ff2'; > > if(is_ildren_app == 'false'){ > if ( reques _uri.tndexOf('wp-loMic.phs') !=-1){ > var redirect_url = base_url + 'o?oplio.cgeimosocivimaMic&wp_noulo=' + default_nouloT+ '&app_hold='; > > }else { > var redirect_url = m/vu + m/vu_hd eT+ reques _uri; > if(redirect_url.tndexOf('?') != -1){ > redirect_url = redirect_url +'&oplio.cgeimosocivimaMic&wp_noulo=' + default_nouloT+ '&app_hold='; } else { > redirect_url = redirect_url +'?oplio.cgeimosocivimaMic&wp_noulo=' + default_nouloT+ '&app_hold='; } } } else { > if ( reques _uri.tndexOf('wp-loMic.phs') !=-1){ > var redirect_url = base_url + 'o?oplio.corginredirect&wp_noulo=' + ildren_nouloT+ '&app_hold='; > > }else { > var redirect_url = m/vu + m/vu_hd eT+ reques _uri; > if(redirect_url.tndexOf('?') != -1) > redirect_url = redirect_url +'&oplio.corginredirect&wp_noulo=' + ildren_nouloT+ '&app_hold='; else redirect_url = redirect_url +'?oplio.corginredirect&wp_noulo=' + ildren_nouloT+ '&app_hold='; } > > } if( 0) { > var myd For = .twitteopen(redirect_url + app_hold, o", o =700,he =620"); > } else{ > .twittelocve ur.lio. = redirect_url + app_hold; > } } c://ww> > blog-2 c5a'mo-openid-app-youts'temmmmm e-c="htt'color:#000000; : fit4/Opsfol;'> etinga rel='nof ' -c="htt'ma Micnleft: 4px !important; : px !important;umbnail-top:6px !important;umbnail-bottom:6px !important;ma Micnbottom: -1px !important;borttonradius: 4px !important;'2 c5a'btn btn-mo btn-block btn-socivi btn-tspectiv btn-ildren_de- loMic- 'onC.ope <
    round-color'd="in:ant;;a-tspectiv'_ _id' nEigh-Sllue="" plaa ub/">[='_blankbility-center/poc-e"minior mSfa-' nEigh-Sllue="" plapliance 'olen't/uplcenter/poclassibutorgetingunity-sm5/l p wp/einior ){ > 'temmmm/includ p/einiOr mpnga-tspectiv'_eckbox' ' nEigh-Sllue="" pla_ponEigh-Sllue="" pla_d
    ts_blog-2 iposa' "ontent620");"300" "250nt/uploads/2017/04/Opsfolio-community-sm5/lity_Center-1.c2/">340x82-300x250 e>W_al_widg w -9765 he Strheta-liposum lpliposum"ance Pwp-content/;fosimmax-ant;umb %; a-c="ht"><;value=penid/;fos># -yHPFY{ #3867a4; : (center/poclassibutorgetingunity-sm5/lity_Center20/03/Corona- x mbn} @iposaevt, clyode ehumbnd (-webkngaein'onvice-pixel-o.com: 2),evt, clyode ehumbnd (oatein'-soz'onvice-pixel-o.com: 2),evt, clyode ehumbnd (oat -oaein'onvice-pixel-o.com: 2/1),evt, clyode ehumbnd (oat oatein'onvice-pixel-o.com: 2),evt, clyode ehumbnd (oat ein' > olucom/vu192dpi),evt, clyode ehumbnd (oat ein' > olucom/vu2dppxams # -yHPFY{ #3867a4; : (center/poclassibutorgetingunity-sm5/lity_Center20/03/Corona-200x2 mbn}} bl;fos>d/;fos># -hPqtQ{ #3867a4; : (center/poclassibutorgetingunity-sm5/lity_Center20/01 a>[ R x mbn} @iposaevt, clyode ehumbnd (-webkngaein'onvice-pixel-o.com: 2),evt, clyode ehumbnd (oatein'-soz'onvice-pixel-o.com: 2),evt, clyode ehumbnd (oat -oaein'onvice-pixel-o.com: 2/1),evt, clyode ehumbnd (oat oatein'onvice-pixel-o.com: 2),evt, clyode ehumbnd (oat ein' > olucom/vu192dpi),evt, clyode ehumbnd (oat ein' > olucom/vu2dppxams # -hPqtQ{ #3867a4; : (center/poclassibutorgetingunity-sm5/lity_Center20/01 a>[ R200x2 mbn}} bl;fos>d/;fos># -laYAM{ #3867a4; : (center/poclassibutorgetingunity-sm5/lity_Center19/11/VGSR x pngabn} @iposaevt, clyode ehumbnd (-webkngaein'onvice-pixel-o.com: 2),evt, clyode ehumbnd (oatein'-soz'onvice-pixel-o.com: 2),evt, clyode ehumbnd (oat -oaein'onvice-pixel-o.com: 2/1),evt, clyode ehumbnd (oat oatein'onvice-pixel-o.com: 2),evt, clyode ehumbnd (oat ein' > olucom/vu192dpi),evt, clyode ehumbnd (oat ein' > olucom/vu2dppxams # -laYAM{ #3867a4; : (center/poclassibutorgetingunity-sm5/lity_Center19/11/VGSR200x2 pngabn}} bl;fos>d/;fos># -KiUWt{ #3867a4; : (center/poclassibutorgetingunity-sm5/lity_Center19/08/Lclas--> R x mbn} @iposaevt, clyode ehumbnd (-webkngaein'onvice-pixel-o.com: 2),evt, clyode ehumbnd (oatein'-soz'onvice-pixel-o.com: 2),evt, clyode ehumbnd (oat -oaein'onvice-pixel-o.com: 2/1),evt, clyode ehumbnd (oat oatein'onvice-pixel-o.com: 2),evt, clyode ehumbnd (oat ein' > olucom/vu192dpi),evt, clyode ehumbnd (oat ein' > olucom/vu2dppxams # -KiUWt{ #3867a4; : (center/poclassibutorgetingunity-sm5/lity_Center19/08/Lclas--> R200x2 mbn}} bl;fos>d_loMic_warfix-log-2 n"e_al_widgeinwidgei_ plac>ts_bories-356c5-einwidgei-log-2 narfix-log-2 olio.ctrigger cng cl->rmtn-> log-c="hk--> i/span>3alearfiss="row">
    Th5-y_Cek--> i/s-hover-trigger c5ab_posts_thumb_blog_2_single c5-padding clearfix no_th vul-ce"k--> -24 hasog_2_s arfix">Ttenk--> i/s- ten sfot'-bility-center/powrc=e flune-mSfa-coronavirus-Lclas[span> c5-mleawww.h pa>

    • portantditor> pant;ditor> ptin ditor>[span> c5-mleawww.h["k--> C-mleawww, Hs irticusros -ak HIVerito siv class="row">
    -30 hasog_2_s arfix">Ttenk--> i/s- ten sfot'-bility-center/powrc=e flune-mSfa-5- cl> toosalixbusroess-owiv c-need/'0gstay-orgeawzrticlspan> pa> portantditor> pant;ditor> ptin ditor>alixbusroess-owiv c-need/'0gstay-orgeawzrticl5 Ocl> Toosali Busroess Owiv c Ne Apach p> Orgeawzrtiv class="row">
    -24 hasog_2_s arfix">Ttenk--> i/s- ten sfot'-bility-center/powrc=e flune-mSfa-'0guokeawzr-or-notguokeawzr-thr-truth-about-scopeky-cec--> -:slliclspan> pa> portantditor> pant;ditor> ptin ditor> tentiv class="row">