Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

JVN#50361500: Multiple vulnerabilities in WordPress Plugin "Ninja Forms"

WordPress Plugin "Ninja Forms" provided by Saturday Drive contains multiple vulnerabilities listed below. Cross-site request forgery CWE-352 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Base Score 4.3 CVE-2024-25572 Stored cross-site scripting in submit processing CWE-79...

WordPress plugin Survey Maker 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

JetBrains TeamCity AgentDistributionSettingsController Cross-Site Scripting Vulnerability

This vulnerability allows remote attackers to execute arbitrary script on affected installations of JetBrains TeamCity. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling ...

CVE-2024-28034

Cross-site scripting vulnerability exists in Mini Thread Version 3.33βi. An arbitrary script may be executed on the web browser of the user accessing the website that uses the product. Note that the developer was unreachable, therefore, users should consider stop using Mini Thread Version 3.33βi...

CVE-2024-28034

The CVE-2024-28034 entry describes a cross-site scripting (CWE-79) vulnerability in Mini Thread Version 3.33βi. An arbitrary script could be executed in the browser of users visiting a site that uses this product. The focal product is Mini Thread 3.33βi; the root cause and exact vulnerable compon...

Mini Thread vulnerable to cross-site scripting

Overview Mini Thread provided by Flash CGI according to the original report submitted by the reporter is a CGI script for creating a bulletin board system BBS. Mini Thread contains a cross-site scripting vulnerability CWE-79. During the meeting of Committee for authorizing the disclosure of...

Zerochannel 0ch BBS Script 安全漏洞

Zerochannel 0ch BBS Script is a bulletin board software from Zerochannel, Inc. A security vulnerability exists in Zerochannel 0ch BBS Script version ver.4.00, which originated from a vulnerability that allows an attacker to execute arbitrary scripts on the web browser of a user who visits a web...

JVN#46874970: 0ch BBS Script (0ch) vulnerable to cross-site scripting

0ch BBS Script 0ch according to the original report submitted by the reporter provided by Zerochannel according to the original report submitted by the reporter is bulletin board software. 0ch BBS Script 0ch contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be...

TOTOLINK X2000R 安全漏洞

TOTOLINK X2000R is a WiFi 6 router from China's Gion Electronics that supports Gigabit network and Easy Mesh features with multi-device connectivity and wireless expansion capabilities. The TOTOLINK X2000R suffers from a cross-site scripting vulnerability that stems from the application's lack of...

FitNesse Cross-site Scripting vulnerability

Cross-site scripting vulnerability exists in FitNesse releases prior to 20220319, which may allow a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product and accessing a link with a specially crafted certain parameter...

CVE-2024-21584

Pleasanter 1.3.49.0 and earlier contains a cross-site scripting vulnerability. If an attacker tricks the user to access the product with a specially crafted URL and perform a specific operation, an arbitrary script may be executed on the web browser of the user...

CVE-2023-49971

A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter at /customersupport/index.php?page=customerlist...

Customer Support System 跨站脚本漏洞

Customer Support System is a customer support system by oretnom23 Personal Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. Customer Support System suffers from a cross-site scripting vulnerability that stems fro...

openSUSE: Security Advisory for libreoffice (SUSE-SU-2023:4932-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-25436

A cross-site scripting XSS vulnerability in the Production module of Pkp Ojs v3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Input subject field under the Add Discussion function...

Cross site scripting

A cross-site scripting XSS vulnerability in the Submission module of Pkp Ojs v3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Input subject field under the Add Discussion function...

JVN#78084105: OpenPNE plugin "opTimelinePlugin" vulnerable to cross-site scripting

OpenPNE plugin "opTimelinePlugin" provided by OpenPNE Project contains a stored cross-site scripting vulnerability CWE-79 in Edit Profile page. Impact On the site which uses the affected product, when a user configures the profile with some malicious contents, an arbitrary script may be executed ...