CVE-2023-51436

Cross-site scripting vulnerability exists in UNIVERSAL PASSPORT RX versions 1.0.0 to 1.0.8, which may allow a remote authenticated attacker with an administrative privilege to execute an arbitrary script on the web browser of the user who is using the product...

CVE-2023-42427

Cross-site scripting vulnerability exists in UNIVERSAL PASSPORT RX versions 1.0.0 to 1.0.7, which may allow a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is using the product...

CVE-2023-51436

Cross-site scripting vulnerability exists in UNIVERSAL PASSPORT RX versions 1.0.0 to 1.0.8, which may allow a remote authenticated attacker with an administrative privilege to execute an arbitrary script on the web browser of the user who is using the product...

CVE-2023-42427

Cross-site scripting vulnerability exists in UNIVERSAL PASSPORT RX versions 1.0.0 to 1.0.7, which may allow a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is using the product...

CVE-2023-42427

Cross-site scripting vulnerability exists in UNIVERSAL PASSPORT RX versions 1.0.0 to 1.0.7, which may allow a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is using the product...

CVE-2024-35504

A cross-site scripting XSS vulnerability in the login page of FineSoft v8.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL:errorname parameter after a failed login attempt...

FineSoft 安全漏洞

FineSoft is an application. A security vulnerability exists in FineSoft version v8.0 that stems from the presence of a cross-site scripting XSS vulnerability that allows an attacker to execute arbitrary web script or HTML via a crafted payload...

JetBrains TeamCity 安全漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. JetBrains TeamCity suffers from a cross-site...

Ubuntu: Security Advisory (USN-6789-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-35583

A cross-site scripting XSS vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Remarks input field...

CVE-2024-35582

A cross-site scripting XSS vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Department input field...

CVE-2024-35621

A cross-site scripting XSS vulnerability in the Edit function of Formwork before 1.13.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Content field...

USN-6789-1: LibreOffice vulnerability

Amel Bouziane-Leblond discovered that LibreOffice incorrectly handled graphic on-click bindings. If a user were tricked into clicking a graphic in a specially crafted document, a remote attacker could possibly run arbitrary script...

Laboratory Management System 安全漏洞

Laboratory Management System is a laboratory management system by oretnom23 individual developer. A security vulnerability exists in Laboratory Management System v1.0. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a specially crafted payload injected into...

Laboratory Management System 安全漏洞

Laboratory Management System is a laboratory management system by oretnom23 individual developer. A security vulnerability exists in Laboratory Management System v1.0. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a specially crafted payload injected into...

CVE-2024-35297

Cross-site scripting vulnerability exists in WP Booking versions prior to 2.4.5. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing the web site using the product...

CVE-2024-35291

Splunk Config Explorer contains a reflected XSS (CWE-79) in versions prior to 1.7.16. The issue arises from inadequate protection of the web page structure, allowing an arbitrary script to run in the victim’s browser when exploited. Affected: Splunk Config Explorer

WordPress Spectra plugin cross-site scripting vulnerability (CNVD-2024-27891)

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

Splunk Config Explorer vulnerable to cross-site scripting

Overview Splunk Config Explorer provided by Chris Younger contains a reflected cross-site scripting vulnerability CWE-79. Taihei Shimamine of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

WordPress Plugin "WP Booking" vulnerable to cross-site scripting

Overview WordPress Plugin "WP Booking" provided by aviplugins.com contains a stored cross-site scripting vulnerability CWE-79. Daiki Sato of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...