3237 matches found
CVE-2023-25837
There is a Cross‑Site Scripting XSS vulnerability in Esri ArcGIS Enterprise Sites versions 10.9 and below that may allow a remote, authenticated attacker to create a crafted link which, when clicked by a victim, could result in the execution of arbitrary JavaScript code in the target’s browser...
CVE-2023-25837
There is a Cross‑Site Scripting XSS vulnerability in Esri ArcGIS Enterprise Sites versions 10.9 and below that may allow a remote, authenticated attacker to create a crafted link which, when clicked by a victim, could result in the execution of arbitrary JavaScript code in the target’s browser...
Cross site scripting
There is a Cross-site Scripting vulnerability in Esri ArcGIS Enterprise Sites versions 10.8.1 – 10.9 that may allow a remote, authenticated attacker to create a crafted link which when clicked by a victim could potentially execute arbitrary JavaScript code in the target's browser. The privileges...
Cross site scripting
There is a Cross-site Scripting vulnerability in Esri Portal Sites in versions 10.8.1 – 10.9 that may allow a remote, authenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victims browser. The privileges required to execute...
CVE-2023-25837 BUG-000133088 - ArcGIS Enterprise site builder is subject to stored XSS.
There is a Cross‑Site Scripting XSS vulnerability in Esri ArcGIS Enterprise Sites versions 10.9 and below that may allow a remote, authenticated attacker to create a crafted link which, when clicked by a victim, could result in the execution of arbitrary JavaScript code in the target’s browser...
CVE-2023-25836 BUG-000135364 XSS in 10.8.1 sites builder iframe source
There is a Cross-site Scripting vulnerability in Esri Portal for ArcGIS Sites in versions 10.9 and below that may allow a remote, authenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victims browser. The privileges required...
CVE-2023-25835
There is a stored Cross‑Site Scripting XSS vulnerability in Esri Portal for ArcGIS Sites versions 11.1 and below that may allow a remote, authenticated attacker with high‑privileged access to create a crafted link that is persisted within the site configuration. When accessed by a victim, the...
Esri Portal For ArcGIS 跨站脚本漏洞
Esri Portal For ArcGIS is a component from Esri that allows maps, scenes, applications, and other geographic information to be shared with others within an organization. A cross-site scripting vulnerability exists in Esri Portal For ArcGIS versions 10.8.1 through 10.9, which stems from the presen...
Cross-site Scripting (XSS)
ckeditor-wordcount-plugin is vulnerable to Cross-site Scripting XSS. The vulnerability exists in the strip function at plugin.js when switching to the source code mode which allows an attacker to inject and execute arbitrary javascript...
Milesight VPN 安全漏洞
Milesight VPN is a web-based VPN monitoring and management platform from China-based Milesight. A security vulnerability exists in Milesight VPN v2.0.2. An attacker can exploit this vulnerability to cause arbitrary Javascript code injection via a specially crafted HTTP request...
CVE-2023-34599
Multiple Cross-Site Scripting XSS vulnerabilities have been identified in Gibbon v25.0.0, which enable attackers to execute arbitrary Javascript code...
CVE-2023-34599
Multiple Cross-Site Scripting XSS vulnerabilities have been identified in Gibbon v25.0.0, which enable attackers to execute arbitrary Javascript code...
CVE-2023-34599
Multiple Cross-Site Scripting XSS vulnerabilities have been identified in Gibbon v25.0.0, which enable attackers to execute arbitrary Javascript code...
Cross site scripting
Multiple Cross-Site Scripting XSS vulnerabilities have been identified in Gibbon v25.0.0, which enable attackers to execute arbitrary Javascript code...
CVE-2023-34599
Multiple Cross-Site Scripting XSS vulnerabilities have been identified in Gibbon v25.0.0, which enable attackers to execute arbitrary Javascript code...
CVE-2023-34599
Multiple Cross-Site Scripting XSS vulnerabilities have been identified in Gibbon v25.0.0, which enable attackers to execute arbitrary Javascript code...
CVE-2023-34835
A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary JavaScript code via a vulnerable deletefile parameter...
IBM Business Automation Workflow 跨站脚本漏洞
IBM Business Automation Workflow is a suite of workflow automation solutions from International Business Machines IBM. The product is primarily used for workflow management, compliance management, and features workflow visibility and scalability. IBM Business Automation Workflow has a security...
MTN Group: Reflected XSS in https://nin.mtn.ng/nin/success?message=lol&nin=<VULNERABLE>
The reflected XSS vulnerability was found in the 'nin' parameter of the 'https://nin.mtn.ng/nin/success' endpoint. Successful exploitation allowed an attacker to execute arbitrary JavaScript in the victim's browser...
Acronis: [oem.acronis.com] Reflected Cross Site Scripting
The researcher discovered a reflected cross-site scripting XSS vulnerability on the oem.acronis.com website. The vulnerability was found on the /test/testenv.html page, where user-supplied input was not properly sanitized, allowing the execution of arbitrary JavaScript code...