Knplabs · Knplabs/Knp-Snappy · CVE-2023-41330
**Name of the Vulnerable Software and Affected Versions**
knplabs/knp-snappy versions prior to 1.4.3
**Description**
The issue is a PHAR deserialization vulnerability in the knplabs/knp-snappy PHP library. It allows an attacker to achieve remote code execution because the library passes a caller-controlled path to `file_exists()` without first checking which stream protocol it uses. If an attacker can upload files to the server, they can supply a `phar://` path; PHP's PHAR stream wrapper then unserializes the uploaded file's metadata and instantiates arbitrary PHP objects, which leads to remote code execution. This is particularly concerning when knp-snappy is used with frameworks that have documented POP chains, such as Laravel or Symfony. The vulnerability is reachable whenever the user controls the output file passed to `generateFromHtml()`, since that call triggers the `file_exists()` check and therefore the deserialization. No estimate of the number of affected deployments worldwide is given.
**Recommendations**
For versions prior to 1.4.3, upgrade to version 1.4.3 or later to address the vulnerability.
For users unable to upgrade, ensure that only trusted users can submit data to the `AbstractGenerator->generate(...)` function.
As a temporary workaround, consider restricting access to the `generateFromHtml()` function to minimize the risk of exploitation.
Never let the `filename` parameter of `prepareOutput()` carry a `phar://` (or any other stream wrapper) path until the fix is applied.
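The following is an added example (my own code, not knp-snappy's fix and not part of the original advisory) of the kind of guard an application can place in front of `generateFromHtml()` while it cannot upgrade: it rejects any output path that carries a stream-wrapper scheme such as `phar://`, rejects NUL bytes, and confines the resolved path to one allowed directory. The class name `OutputPathPolicy`, the base directory, and the sample paths are assumptions for illustration.

```php
<?php
// Added example, not knp-snappy's own code: validate an output path before it
// reaches file_exists()/unlink() inside the library. The base directory and the
// class name are assumptions for this illustration.

final class OutputPathPolicy
{
    /** @var string absolute directory that generated files may live in */
    private string $baseDir;

    public function __construct(string $baseDir)
    {
        $real = realpath($baseDir);
        if ($real === false) {
            throw new \InvalidArgumentException("Base directory does not exist: $baseDir");
        }
        $this->baseDir = $real;
    }

    /**
     * Returns the normalised absolute path, or throws if the candidate uses a
     * stream wrapper (phar://, data://, php://, ...) or escapes the base directory.
     */
    public function check(string $candidate): string
    {
        // 1. Any "scheme://" prefix selects a PHP stream wrapper; file_exists()
        //    would dispatch to it, and for phar:// that means unserialize().
        if (preg_match('#^[a-z][a-z0-9+.\-]*://#i', $candidate)) {
            throw new \InvalidArgumentException('Stream wrappers are not allowed in output paths');
        }
        // 2. A NUL byte can truncate the path seen by lower layers and hide a suffix.
        if (strpos($candidate, "\0") !== false) {
            throw new \InvalidArgumentException('NUL byte in output path');
        }
        // 3. The output file may not exist yet, so resolve "..", symlinks, etc.
        //    on its parent directory and require it to sit under the base directory.
        $parent = realpath(dirname($candidate));
        $prefix = $this->baseDir . DIRECTORY_SEPARATOR;
        if ($parent === false
            || strncmp($parent . DIRECTORY_SEPARATOR, $prefix, strlen($prefix)) !== 0) {
            throw new \InvalidArgumentException('Output path is outside the allowed directory');
        }
        return $parent . DIRECTORY_SEPARATOR . basename($candidate);
    }
}

// Usage sketch with constructed values; $snappy is assumed to be a Knp\Snappy\Pdf instance.
$policy = new OutputPathPolicy(sys_get_temp_dir());
$safe   = $policy->check(sys_get_temp_dir() . '/report.pdf');   // accepted, returns absolute path
// $snappy->generateFromHtml($html, $safe);

// Constructed inputs that the policy must refuse.
$rejected = ['phar://example.phar/report.pdf', 'PHAR://example.phar/report.pdf',
             'php://filter/resource=report.pdf', '/etc/passwd', "/tmp/report\0.pdf"];
foreach ($rejected as $bad) {
    try {
        $policy->check($bad);
        echo "unexpectedly accepted: " . addcslashes($bad, "\0") . "\n";
    } catch (\InvalidArgumentException $e) {
        echo "rejected: " . addcslashes($bad, "\0") . " (" . $e->getMessage() . ")\n";
    }
}
```

Because the check resolves the parent directory with `realpath()`, a relative name such as `report.pdf` is accepted only when the current working directory is inside the base directory; callers should pass absolute paths. The scheme regex is deliberately broad (any `name://` prefix) rather than matching `phar://` alone, since `file_exists()` honours every registered wrapper, not just PHAR.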