18 matches found
CVE-2019-20768
ServiceNow IT Service Management Kingston through Patch 14-1, London through Patch 7, and Madrid before patch 4 allow stored XSS via crafted sysparmitemguid and sysid parameters in an Incident Request to servicecatalog.do...
CVE-2025-20768
creationtimestamp| type| source ---|---|--- 2025-12-02 06:40:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m6ydizc3iy2q...
CVE-2021-20768
Operational restrictions bypass vulnerability in Scheduler and MultiReport of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to delete the data of Scheduler and MultiReport without the appropriate privilege...
CVE-2018-20768
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. An attacker can execute PHP code by leveraging a writable file...
CVE-2024-30376
Famatech Advanced IP Scanner Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Famatech Advanced IP Scanner. An attacker must first obtain the ability to execute low-privileged...
CVE-2024-20768
creationtimestamp| type| source ---|---|--- 2024-03-18 19:27:08+00:00| seen| https://t.me/ctinow/210868...
CVE-2024-20768
CVE-2024-20768 is a stored XSS in Adobe Experience Manager (AEM) 6.5.19 and earlier. The vulnerability allows injected JavaScript in vulnerable form fields, which executes in a victim’s browser when loading the page containing the field. Affected product/versions: AEM 6.5.19 and earlier. Root cau...
CVE-2024-20768 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...
CVE-2022-20768
creationtimestamp| type| source ---|---|--- 2022-07-07 00:14:42+00:00| seen| https://t.me/cibsecurity/45711...
CVE-2021-20768
creationtimestamp| type| source ---|---|--- 2021-08-18 12:16:48+00:00| seen| https://t.me/cibsecurity/27487...
CVE-2021-20768
Operational restrictions bypass vulnerability in Scheduler and MultiReport of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to delete the data of Scheduler and MultiReport without the appropriate privilege...
CVE-2021-20768
The CVE-2021-20768 issue affects Cybozu Garoon 4.0.0 to 5.0.2. It is an operational restrictions bypass vulnerability that allows a remote authenticated attacker to delete data in Scheduler and MultiReport without proper privileges. Connected sources corroborate the affected product range and the...
CVE-2019-20768
creationtimestamp| type| source ---|---|--- 2020-05-06 02:29:11+00:00| seen| https://t.me/cibsecurity/11856...
CVE-2019-20768
CVE-2019-20768 affects ServiceNow IT Service Management ( Kingston through Patch 14-1, London through Patch 7, Madrid before patch 4). The issue is a stored XSS vulnerability triggered by crafted sysparm_item_guid and sys_id parameters in an Incident Request to service_catalog.do. The connected d...
CVE-2018-20768
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. An attacker can execute PHP code by leveraging a writable file...
CVE-2018-20768
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. An attacker can execute PHP code by leveraging a writable file...
CVE-2018-20768
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. An attacker can execute PHP code by leveraging a writable file...
CVE-2018-20768
CVE-2018-20768 affects Xerox WorkCentre models (3655/3655i, 58XX/58XXi, 59XX/59XXi, 6655/6655i, 72XX/72XXi, 78XX/78XXi, 7970/7970i, EC7836/EC7856) prior to firmware R18-05 073.xxx.0487.15000. The vulnerability lets an attacker execute PHP code by abusing a writable file on the device, with networ...