Cross-Site Scripting (XSS)

jspdf is vulnerable to cross-site scripting. An attacker is able to inject and execute arbitrary Javascript in a user's browser by bypassing the filtering regex using...

Cross-Site Scripting (XSS)

jspdf is vulnerable to cross-site scripting. An attacker is able to inject and execute arbitrary Javascript in a user's browser via the HTML method...

PT-2020-10296 · Froala · Froala Editor

Name of the Vulnerable Software and Affected Versions: Froala Editor versions prior to 3.2.3 Description: A DOM-based cross-site scripting XSS issue exists because HTML code in the editor is not correctly sanitized when inserted into the DOM. This allows an attacker that can control the editor...

F5 BIG-IP Cross-Site Scripting Vulnerability (CNVD-2020-61639)

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A cross-site scripting vulnerability exists in the configuration tool in F5 BIG-IP. An attacker could exploit this vulnerabili...

MK-AUTH cross-site scripting vulnerability (CNVD-2021-17430)

MK-AUTH is an access control system from the Brazilian software developer Pedro Filho. A cross-site scripting vulnerability exists in the admin and client scripts in MK-AUTH version 19.01, which can be exploited by an attacker to execute arbitrary JavaScript code...

CVE-2020-15016

NeDi 1.9C is vulnerable to reflected cross-site scripting. The Other-Converter.php file improperly validates user input. An attacker can exploit this vulnerability by crafting arbitrary JavaScript in the txt GET parameter...

Cross-Site Scripting (XSS)

css-validator is vulnerable to cross-site scripting XSS. A remote attacker is able to inject and execute arbitrary Javascript in a user's browser via the URL when an error message is displayed...

IBM Rational DOORS Next Generation Cross-Site Scripting Vulnerability (CNVD-2020-36389)

IBM Rational DOORS Next Generation DNG/RRC is a suite of software for capturing, tracking, analyzing, and managing requirements from IBM in the United States. The software provides a single platform for global team collaboration to manage requirements more efficiently, sharing unified users,...

Cross-Site Scripting (XSS)

dijit is vulnerable to cross-site scripting. A remote attacker is able to inject and execute arbitrary Javascript in a user's browser via the Editor's LinkDialog plugin...

CVE-2020-9648

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

CVE-2020-9651

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting reflected vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

CVE-2020-9644

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting stored vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

CVE-2020-9647

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting dom-based vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

Cross site scripting

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting dom-based vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

CVE-2020-9651

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting reflected vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

CVE-2020-9648

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

Adobe Experience Manager 6.0 < 6.5 Multiple Vulnerabilities (APSB20-31)

The version of Adobe Experience Manager installed on the remote host is prior to 6.5. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB20-31 advisory. - Adobe Experience Manager versions 6.5 and earlier have a blind server-side request forgery ssrf vulnerability...

CVE-2020-5592

Cross-site scripting vulnerability in Zenphoto versions prior to 1.5.7 allows remote attackers to inject an arbitrary JavaScript via unspecified vectors...

CVE-2020-5592

Cross-site scripting vulnerability in Zenphoto versions prior to 1.5.7 allows remote attackers to inject an arbitrary JavaScript via unspecified vectors...

Cross site scripting

Cross-site scripting vulnerability in Zenphoto versions prior to 1.5.7 allows remote attackers to inject an arbitrary JavaScript via unspecified vectors...