7610 matches found
CVE-2023-38569
Stored cross-site scripting vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product...
CVE-2023-38569
Stored cross-site scripting vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product...
Cross site scripting
Stored cross-site scripting vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product...
Cross site scripting
Stored cross-site scripting vulnerability in Map setting page of VI Web Client prior to 7.9.6 allows a remote authenticated attacker to inject an arbitrary script...
CVE-2023-38569
Stored cross-site scripting vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product...
CVE-2023-36492
Reflected cross-site scripting vulnerability in SHIRASAGI prior to v1.18.0 allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product...
CVE-2023-40535
Stored cross-site scripting vulnerability in View setting page of VI Web Client prior to 7.9.6 allows a remote authenticated attacker to inject an arbitrary script...
CVE-2023-39938
Reflected cross-site scripting vulnerability in VI Web Client prior to 7.9.6 allows a remote unauthenticated attacker to inject an arbitrary script...
CVE-2023-39938
Reflected cross-site scripting vulnerability in VI Web Client prior to 7.9.6 allows a remote unauthenticated attacker to inject an arbitrary script...
JVN#92720882: Multiple vulnerabilities in CGIs of PMailServer and PMailServer2
CGIs included with PMailServer and PMailServer2 provided by A.K.I Software contain multiple vulnerabilities listed below. Stored cross-site scripting vulnerability CWE-79 - CVE-2023-39223 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVS...
PT-2023-25592 · Shirasagi · Shirasagi
Name of the Vulnerable Software and Affected Versions: SHIRASAGI versions prior to 1.18.0 Description: A reflected cross-site scripting issue allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product. This enables the...
CVE-2023-37830
A cross-site scripting XSS vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter...
General Solutions Steiner GmbH CASE 3 Taskmanagement Cross-Site Scripting Vulnerability
General Solutions Steiner CASE 3 Taskmanagement is an application from General Solutions Steiner Austria. A security vulnerability exists in General Solutions Steiner GmbH CASE 3 Taskmanagement version V3.3. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a...
Free and Open Source Inventory Management System Cross-Site Scripting Vulnerability
Inventory Management System is an inventory management system by stemword individual developers. A security vulnerability exists in Free and Open Source Inventory Management System v1.0, which stems from the presence of multiple cross-site scripting XSS vulnerabilities that could allow an attacke...
PT-2023-27085 · Unknown · Free/Open Source Inventory Management System
Name of the Vulnerable Software and Affected Versions: Free and Open Source Inventory Management System version 1.0 Description: The issue allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the "Add New...
JVN#60140221: Multiple vulnerabilities in i-PRO VI Web Client
VI Web Client provided by i-PRO Co., Ltd. is Video Insight’s video management software. VI Web Client contains multiple vulnerabilities listed below. Open Redirect CWE-601 - CVE-2023-38574 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N| Base Score: 4.7...
CVE-2023-39266
A vulnerability in the ArubaOS-Switch web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface provided certain configuration options are present. A successful exploit could allow an attacker to...
CVE-2023-39266 Unauthenticated Stored Cross-Site Scripting in ArubaOS-Switch
A vulnerability in the ArubaOS-Switch web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface provided certain configuration options are present. A successful exploit could allow an attacker to...
PT-2023-26856 · Aruba · Arubaos-Switch
Name of the Vulnerable Software and Affected Versions: ArubaOS-Switch affected versions not specified Description: A vulnerability in the ArubaOS-Switch web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting XSS attack against a user of th...
CVE-2023-39578
A stored cross-site scripting XSS vulnerability in the Create function of Zenario CMS v9.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Menu navigation text field...