A number of bugs in Tailscale leading to an RCE chain.
There seem to be a lot of gaps in this writeup, but to the best of my understanding the bug is a straightforward XSS, though only in the MCS Webview, which gives access to the `window.GalaxyStore` object to download or open any application from the store.
The Autofill Assistant has a chain of issues that could be abused for universal XSS in the context of an arbitrary website.
Three vulns that were discovered in Netlify's Next.js lib, which is heavily used across many cryptocurrency sites due to its web3 support. With that context in mind, CIA (confidentiality, integrity, availability) is interesting with web3, as integrity is critical; the data coming from a trusted site needs to be trustworthy, as most users won't go digging through the blockchain to verify that a particular address or transaction matches.
The vulnerability as reported was closed as not a vulnerability, but it did uncover a bug in the Sanitizer API.