WBCE - Stored XSS - Cyber Security News

Read Time:24 Second

Posted by Andrey Stoykov on Jul 16

# Exploit Title: WBCE – Stored XSS
# Date: 07/2023
# Exploit Author: Andrey Stoykov
# Version: 1.6.1
# Tested on: Windows Server 2022
# Blog: http://msecureltd.blogspot.com

Steps to Exploit:

1. Login to application
2. Browse to following URI “http://host/wbce/admin/pages/intro.php"
3. Paste XSS payload “TEST”><img src=x onerror=alert(1)>”
4. Then browse to settings “Settings->General Settings->Enable…

GitPython-3.1.18-3.el8

FEDORA-EPEL-2025-106950fd79 Packages in this update: GitPython-3.1.18-3.el8 Update description: Backport upstream patches to fix CVE-2023-41040 Read More

April 16, 2025

LSN-0111-1: Kernel Live Patch Security Notice

It was discovered that the watch_queue event notification system contained an out-of-bounds write vulnerability. A local attacker could use this...

April 16, 2025

golang-github-openprinting-ipp-usb-0.9.30-4.fc40

FEDORA-2025-2280949271 Packages in this update: golang-github-openprinting-ipp-usb-0.9.30-4.fc40 Update description: rebuild with new golang to fix CVE-2025-22870 (fedora#2352013) Read More

April 16, 2025

mingw-libsoup-2.74.3-11.fc41

FEDORA-2025-bd12d23d21 Packages in this update: mingw-libsoup-2.74.3-11.fc41 Update description: Backport fixes for CVE-2025-32910, CVE-2025-32911, CVE-2025-32913 Backport fixes for CVE-2025-32050 CVE-2025-32052 CVE-2025-32053...

April 16, 2025

mingw-libsoup-2.74.3-11.fc42

FEDORA-2025-c4605302b8 Packages in this update: mingw-libsoup-2.74.3-11.fc42 Update description: Backport fixes for CVE-2025-32910, CVE-2025-32911, CVE-2025-32913 Backport fixes for CVE-2025-32050 CVE-2025-32052 CVE-2025-32053...

April 16, 2025

mingw-libsoup-2.74.3-11.fc40

FEDORA-2025-67e824b908 Packages in this update: mingw-libsoup-2.74.3-11.fc40 Update description: Backport fixes for CVE-2025-32910, CVE-2025-32911, CVE-2025-32913 Backport fixes for CVE-2025-32050 CVE-2025-32052 CVE-2025-32053...

April 16, 2025

Smashing Security podcast #413: Hacking the hackers… with a credit card?

CVE Program Almost Unfunded

Hertz Data Breach Exposes Customer Information in Cleo Zero-Day Attack

China-Backed Hackers Exploit BRICKSTORM Backdoor to Spy on European Businesses

92% of Mobile Apps Found to Use Insecure Cryptographic Methods

Insurance firm Lemonade warns of breach of thousands of driving license numbers

Scalper Bots Fueling DVSA Driving Test Black Market

Chaos Reins as MITRE Set to Cease CVE and CWE Operations

Chaos Reigns as MITRE Set to Cease CVE and CWE Operations

WBCE – Stored XSS

GitPython-3.1.18-3.el8

LSN-0111-1: Kernel Live Patch Security Notice

golang-github-openprinting-ipp-usb-0.9.30-4.fc40

mingw-libsoup-2.74.3-11.fc41

mingw-libsoup-2.74.3-11.fc42

mingw-libsoup-2.74.3-11.fc40