Crlf injection

A vulnerability in the SAML authentication process of Cisco Secure Client could allow an unauthenticated, remote attacker to conduct a carriage return line feed CRLF injection attack against a user. This vulnerability is due to insufficient validation of user-supplied input. An attacker could...

CVE-2024-20337

A vulnerability in the SAML authentication process of Cisco Secure Client could allow an unauthenticated, remote attacker to conduct a carriage return line feed CRLF injection attack against a user. This vulnerability is due to insufficient validation of user-supplied input. An attacker could...

BIT-WORDPRESS-2022-43497

Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script. The developer also provides new patched releases for all versions since 3.7...

BIT-WORDPRESS-MULTISITE-2022-43497

Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script. The developer also provides new patched releases for all versions since 3.7...

BIT-WORDPRESS-MULTISITE-2022-43500

Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script. The developer also provides new patched releases for all versions since 3.7...

Customer Support System 跨站脚本漏洞

Customer Support System is a customer support system by oretnom23 Personal Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. Customer Support System suffers from a cross-site scripting vulnerability that stems fro...

CVE-2023-49971

A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter at /customersupport/index.php?page=customerlist...

openSUSE: Security Advisory for libreoffice (SUSE-SU-2023:4932-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-25436

A cross-site scripting XSS vulnerability in the Production module of Pkp Ojs v3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Input subject field under the Add Discussion function...

Cross site scripting

A cross-site scripting XSS vulnerability in the Submission module of Pkp Ojs v3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Input subject field under the Add Discussion function...

PKP OPEN JOURNAL SYSTEMS Cross-Site Scripting Vulnerability

PKP OPEN JOURNAL SYSTEMS PKP OJS is an end-to-end scholarly publishing platform from PKP Inc. A cross-site scripting vulnerability exists in PKP OPEN JOURNAL SYSTEMS version v3.3, which originates from a vulnerability that allows attackers to execute arbitrary web script or HTML via the Input...

RenderTune Security Vulnerability

RenderTune is a free electronic application for Mac/Windows/Linux that uses ffmpeg to combine audio + image files into video files. A security vulnerability exists in RenderTune v1.1.4, which stems from a cross-site scripting XSS vulnerability. An attacker can exploit this vulnerability to execut...

JVN#78084105: OpenPNE plugin "opTimelinePlugin" vulnerable to cross-site scripting

OpenPNE plugin "opTimelinePlugin" provided by OpenPNE Project contains a stored cross-site scripting vulnerability CWE-79 in Edit Profile page. Impact On the site which uses the affected product, when a user configures the profile with some malicious contents, an arbitrary script may be executed ...

IBM InfoSphere Information Server 跨站脚本漏洞

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A cross-site scripting vulnerability exists in IBM InfoSphere Information Server version 11.7,...

CVE-2024-26300

A vulnerability in the guest interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct a stored cross-site scripting XSS attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim...

Cross site scripting

A vulnerability in the guest interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct a stored cross-site scripting XSS attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim...

CVE-2024-26299

A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct a stored cross-site scripting XSS attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script...

Cross site scripting

A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct a stored cross-site scripting XSS attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script...

GHSA-PCM8-QQRP-W6QF Enhavo Cross-site Scripting vulnerability

A cross-site scripting XSS vulnerability in the Header module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title text field...

Enhavo Cross-site Scripting vulnerability

A cross-site scripting XSS vulnerability in the Header module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title text field...