23 matches found
CVE-2026-3862 Cross-Site Scripting Vulnerability in SiteMinder Administrative UI
Cross-site Scripting (XSS) allows an attacker to submit specially crafted data to the application which is returned unaltered in the resulting web page...
CVE-2023-7312
Nagios Fusion versions prior to 4.2.0 contain a stored cross-site scripting (XSS) vulnerability when adding or configuring Email Settings. Unsanitized user input can be stored and later rendered in the administrative UI, causing JavaScript to execute in the browser of any user who views the affecte...
EUVD-2021-25139
Malware in sbrugna...
EUVD-2024-36602
Malicious code in bioql PyPI...
CVE-2025-49081
There is an insufficient input validation vulnerability in the warehouse component of Absolute Secure Access prior to server version 13.55. Attackers with system administrator permissions can impair the availability of the Secure Access administrative UI by writing invalid data to the warehouse...
CVE-2025-49081 Input validation vulnerability in the Secure Access prior to version 13.55
There is an insufficient input validation vulnerability in the warehouse component of Absolute Secure Access prior to server version 13.55. Attackers with system administrator permissions can impair the availability of the Secure Access administrative UI by writing invalid data to the warehouse...
CVE-2024-37345
There is a cross-site scripting vulnerability in the Secure Access administrative UI of Absolute Secure Access prior to version 13.06. Attackers can pass a limited-length script to the administrative UI which is then stored where an administrator can access it. The scope is unchanged, there is no...
CVE-2024-37346
There is an insufficient input validation vulnerability in the Warehouse component of Absolute Secure Access prior to 13.06. Attackers with system administrator permissions can impair the availability of certain elements of the Secure Access administrative UI by writing invalid data to the...
CVE-2021-38701
Certain Motorola Solutions Avigilon devices allow XSS in the administrative UI. This affects T200/201 before 4.10.0.68; T290 before 4.4.0.80; T008 before 2.2.0.86; T205 before 4.12.0.62; T204 before 3.28.0.166; and T100, T101, T102, and T103 before 2.6.0.180...
CVE-2024-37346
CVE-2024-37346 affects Absolute Secure Access (Warehouse component) prior to version 13.06. Root cause is insufficient input validation in the Warehouse when data is written to it over the network. Attackers with system administrator permissions can impair the availability of elements in the Secu...
CVE-2024-37345
CVE-2024-37345: Absolute Secure Access (Secure Access admin UI) prior to 13.06 has a stored cross‑site scripting vulnerability. An attacker can pass a limited‑length script to the admin UI, which is stored where an administrator can access it. Impact: confidentiality: Low; integrity: High; avail...
PT-2024-27489 · Unknown · Absolute Secure Access
Name of the Vulnerable Software and Affected Versions: Absolute Secure Access versions prior to 13.06 Description: The issue is related to insufficient input validation in the Warehouse component. Attackers with system administrator permissions can impair the availability of certain elements of t...
Design/Logic Flaw
Certain Motorola Solutions Avigilon devices allow XSS in the administrative UI. This affects T200/201 before 4.10.0.68; T290 before 4.4.0.80; T008 before 2.2.0.86; T205 before 4.12.0.62; T204 before 3.28.0.166; and T100, T101, T102, and T103 before 2.6.0.180...
CVE-2021-38701
CVE-2021-38701 affects Motorola Solutions Avigilon devices. The vulnerability is a cross-site scripting flaw in the administrative UI, caused by inadequate input validation/output handling. Affected models and approximate versions include T200/201 before 4.10.0.68; T290 before 4.4.0.80; T008 befo...
TIBCO JasperReports <= 7.1.1 Access Control Vulnerability
TIBCO JasperReports is prone to an access control vulnerability in the administrative UI component. Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier:...
Design/Logic Flaw
The administrative UI component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, and TIBCO JasperReports Server for ActiveMatrix BPM contains a vulnerability that theoretically allows an unauthenticated attacker to obtain the permissions of a...