Cross-Site Scripting in PAN-OS

A vulnerability exists in PAN-OS’s GlobalProtect internal and external gateway interface. This issue could allow for a cross-site scripting XSS attack. PAN-OS does not properly validate specific request parameters. Ref PAN-76003 / CVE-2017-12416 Successful exploitation of this issue may allow an...

CVE-2017-10838

Cross-site scripting vulnerability in SEO Panel prior to version 3.11.0 allows an attacker to inject arbitrary web script or HTML via unspecified vectors...

CVE-2017-10837

Cross-site scripting vulnerability in BackupGuard prior to version 1.1.47 allows an attacker to inject arbitrary web script or HTML via unspecified vectors...

Smartwebsites SmartCMS Cross-Site Scripting Vulnerability

Smartwebsites SmartCMS is a Content Management System CMS from Smartwebsites Cyprus. The system provides online content management, user management and document management. A cross-site scripting vulnerability exists in Smartwebsites SmartCMS version 2. A remote attacker can exploit this...

Liferay Portal CE Cross-Site Scripting Vulnerability (NVD-C-2017-97626)

Liferay Portal is a J2EE-based portal solution from Liferay, Inc. The solution uses EJB as well as JMS and other technologies , and can be used as a Web publishing and sharing workspaces , enterprise collaboration platforms , social networks and so on. A cross-site scripting vulnerability exists ...

CVE-2017-2243

Cross-site scripting vulnerability in Responsive Lightbox prior to version 1.7.2 allows an attacker to inject arbitrary web script or HTML via unspecified vectors...

CVE-2017-10970

Cross-site scripting XSS vulnerability in link.php in Cacti 1.1.12 allows remote anonymous users to inject arbitrary web script or HTML via the id parameter, related to the diehtmlinputerror function in lib/htmlvalidate.php...

Cross site scripting

Multiple Cross-site scripting XSS vulnerabilities in Webmin before 1.850 allow remote attackers to inject arbitrary web script or HTML via the sec parameter to viewman.cgi, the referers parameter to changereferers.cgi, or the name parameter to saveuser.cgi. NOTE: these issues were not fixed in...

Cross site scripting

Cross-site scripting XSS vulnerabilities in Synology Audio Station 5.1 before 5.1-2550 and 5.4 before 5.4-2857 allows remote authenticated attackers to inject arbitrary web script or HTML via the album title...

CVE-2015-9105

Multiple cross-site scripting XSS vulnerabilities in Synology Video Station 1.2 before 1.2-0455, 1.5 before 1.5-0772, and 1.6 before 1.6-0847 allow remote authenticated attackers to inject arbitrary web script or HTML via the 1 file name or 2 collection name of videos...

Cross site scripting

Cross-site scripting vulnerability in SOY CMS with installer 1.8.12 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Nextcloud Server Cross-Site Scripting Vulnerability (CNVD-2017-07616)

Nextcloud is an open source self-hosted file synchronization and sharing communication application platform from Nextcloud Germany.Nextcloud Server is one of the server version. A cross-site scripting vulnerability exists in several components of Nextcloud Server. A remote attacker can exploit th...

Zenario Cross-Site Scripting Vulnerability

Zenario is a web-based content management system and multilingual page software. A cross-site scripting vulnerability exists in Zenario version 7.6. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

Cross site scripting

Cross-site scripting vulnerability in YOP Poll versions prior to 5.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Revive Adserver Cross-Site Scripting Vulnerability (CNVD-2017-04904)

Revive Adserver is an open source advertising management system from the Revive Adserver team. The system provides ad placement, ad space management, data statistics and other functions. A cross-site scripting vulnerability exists in Revive Adserver. A remote attacker can exploit this vulnerabili...

Ganglia Web < 3.5.8 XSS Vulnerability

Ganglia Web is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

MaNGOSWebV4 cross-site scripting vulnerability (CNVD-2017-03505)

MaNGOSWeb is a World of Warcraft private server CMS. maNGOSWebV4 is one of the versions. A cross-site scripting vulnerability exists in the inc/admin/templatefiles/admin.donate.php page of MaNGOSWebV4. An attacker can exploit this vulnerability to inject arbitrary web script or HTML...

Joomla com_fabrik component cross-site scripting vulnerability

Joomla is an open source content management system CMS. A cross-site scripting vulnerability exists in the Joomla comfabrik component. An attacker can exploit this vulnerability to inject arbitrary web script and HTML...

EMC RSA Security Analytics Cross-Site Scripting Vulnerability

EMC RSA Security Analytics SA is a suite of security intelligence analytics platforms from EMC Corporation. The platform leverages and extends the architecture and analytics capabilities of RSA NetWitness. A cross-site scripting vulnerability exists in EMC RSA SA versions 10.5.3 and 10.6.2. A...

dotCMS cross-site scripting vulnerability (CNVD-2017-01336)

dotCMS is a content management system CMS from the US company DotCMS. The system supports RSS feeds , blogs , forums and other modules , and is easy to extend and build features . A cross-site scripting vulnerability exists in dotCMS version 3.7.0. An attacker can exploit this vulnerability to...