Tastylgniter Cross-Site Scripting Vulnerability

TastyIgniter is a free open source restaurant online ordering system based on Laravel PHP Framework. A cross-site scripting vulnerability exists in Tastylgniter 3.0.7, which originates from the lack of validation of user-submitted data in the /account, /reservation, /admin/dashboard, and...

GHSA-PHWJ-86VX-CFJC Cross-site scripting in Apache Jena Fuseki

A vulnerability in the HTML pages of Apache Jena Fuseki allows an attacker to execute arbitrary javascript on certain page views. This issue affects Apache Jena Fuseki from version 2.0.0 to version 4.0.0 inclusive...

Cross-site Scripting (XSS)

curly-bracket-parser is vulnerable to cross-site scripting. An attacker is able to inject and execute arbitrary Javascript in a user's browser when used as a template library due to lack of user input sanitization...

CVE-2021-37470

In NCH WebDictate v2.13, persistent Cross Site Scripting XSS exists in the Recipient Name field. An authenticated user can add or modify the affected field to inject arbitrary JavaScript...

CVE-2021-37470

CVE-2021-37470 : In NCH WebDictate v2.13, a persistent Cross-Site Scripting (XSS) flaw exists in the Recipient Name field. An authenticated user can modify this field to inject arbitrary JavaScript, enabling script execution associated with the user’s session. Documented references confirm the vu...

Cross-Site Scripting (XSS)

typo3/cms is vulnerable to cross-site scripting XSS. An attacker is able to inject and execute arbitrary Javascript in a user's browser via backend layouts...

CVE-2021-35054

Minecraft before 1.17.1, when online-mode=false is configured, allows path traversal for deletion of arbitrary JSON files...

Atlassian JIRA Server 跨站脚本漏洞

Atlassian JIRA Server is the server version of a defect tracking management system from Atlassian Australia. The system is mainly used for tracking and managing various types of issues and defects in work. A cross-site scripting vulnerability exists in Atlassian Jira Server, which can be exploite...

Advantech R-SeeNet Cross-Site Scripting Vulnerability (CNVD-2021-57184)

Advantech R-SeeNet is an industrial monitoring software from Advantech, Taiwan, China. The software is based on the snmp protocol for monitoring platforms and is available for Linux and Windows platforms.A cross-site scripting vulnerability exists in the devicegraphpage.php script function of...

Etherpad 跨站脚本漏洞

Etherpad is a web-based online document collaboration tool. Multiple users can write a text document simultaneously through Etherpad and see all participants' edits in real time.A cross-site scripting vulnerability exists in the chat component of Etherpad version 1.8.13, which can be exploited by...

Advantech R-SeeNet Cross-Site Scripting Vulnerability (CNVD-2021-57185)

Advantech R-SeeNet is an industrial monitoring software from Advantech, Taiwan, China. The software is based on the snmp protocol for monitoring platforms and is available for Linux and Windows platforms.A cross-site scripting vulnerability exists in the devicegraphpage.php script function of...

CVE-2021-21803

This vulnerability is present in devicegraphpage.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution...

CVE-2021-21802

This vulnerability is present in devicegraphpage.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution...

PT-2021-14784 · Advantech · Advantech R-Seenet

Name of the Vulnerable Software and Affected Versions: Advantech R-SeeNet affected versions not specified Description: The issue is present in the device graph page.php script, part of the Advantech R-SeeNet web applications. It allows arbitrary JavaScript code execution when a victim visits a...

PT-2021-14785 · Advantech · Advantech R-Seenet

Name of the Vulnerable Software and Affected Versions: Advantech R-SeeNet affected versions not specified Description: The issue is present in the device graph page.php script, part of the Advantech R-SeeNet web applications. It allows arbitrary JavaScript code execution when a victim visits a...

Advantech R-SeeNet 跨站脚本漏洞

Advantech R-SeeNet is an industrial monitoring software from Advantech, Taiwan, China. The software is based on the snmp protocol for monitoring platforms and is available for Linux and Windows platforms.A cross-site scripting vulnerability exists in the devicegraphpage.php script function of...

Cross-Site Scripting (XSS)

servicestack is vulnerable to cross-site scripting XSS. A remote attacker is able to inject and execute arbitrary Javascript in a user's browser via a malicious URL to the application...

Cross site scripting

A reflected Cross Site Scripting XXS vulnerability in ArcGIS Server version 10.8.1 and below may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the user’s browser...

Esri Arcgis Server 跨站脚本漏洞

ArcGIS Server is the back-end server software component of ArcGIS Enterprise from Esri that makes your geographic information available to others in your organization, and optionally makes it available to anyone with an Internet connection. A reflected cross-site scripting vulnerability exists in...

Cross site scripting

A reflected Cross Site Scripting XSS vulnerability in Esri ArcGIS Server version 10.8.1 and below may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the user’s browser...