Cisco Small Business RV042 and RV042G Routers XSS (cisco-sa-sa-rv-routers-xss-K7Z5U6q3)

According to its self-reported version, Cisco Small Business RV Series Router Firmware is affected by a cross-site scripting XSS vulnerability in its web-based management console due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker ca...

Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities (cisco-sa-mlt-ise-strd-xss-nqFhTtx7)

According to its self-reported version, Cisco Identity Services Engine Software is affected by multiple vulnerabilities in the web-based management interface. An authenticated, remote attacker with administrative credentials exploit these vulnerabilities by injecting malicious code into specific...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attacker to...

CVE-2020-3282 Cisco Unified Communications Products Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attacker to...

CVE-2020-3282 Cisco Unified Communications Products Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attacker to...

Cisco Data Center Network Manager Multiple Stored Cross-Site Scripting Vulnerablities (June 2020)

A stored cross-site scripting XSS vulnerabilities exists in web-based management interface of Cisco Data Center Network Manager DCNM due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker, administrative credentials can exploit this, by...

CVE-2020-3354

A vulnerability in the web-based management interface of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting XSS attack against a user of the interface. The vulnerability is due to insufficient inpu...

WordPress < 5.4.2

According to its self-reported version number, the installation of WordPress installed on the remote host is affected by multiple vulnerabilities: - Multiple cross-site scripting XSS vulnerabilities exist in Wordpress due to improper validation of user-supplied input before returning it to users...

Cross site scripting

A vulnerability in the web-based Local Manager interface of the Cisco IOx Application Framework could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based Local Manager interface of an affected device. The attacker must have...

CVE-2020-3233 Cisco IOx Application Framework Local Manager Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based Local Manager interface of the Cisco IOx Application Framework could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based Local Manager interface of an affected device. The attacker must have...

CVE-2020-3233 Cisco IOx Application Framework Local Manager Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based Local Manager interface of the Cisco IOx Application Framework could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based Local Manager interface of an affected device. The attacker must have...

CVE-2020-3233

CVE-2020-3233 describes a stored cross-site scripting (XSS) vulnerability in Cisco IOx Application Framework’s web-based Local Manager interface. An authenticated user with Local Manager credentials can inject malicious code via the System Settings tab due to insufficient input validation, leadin...

Security Updates for Microsoft Dynamics NAV (Dec 2018)

The Microsoft Dynamics NAV install is missing a security update. It is, therefore, affected by a cross-site scripting XSS vulnerability due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can exploit this, by sending a specially crafte...

Input validation

Stored XSS in Tenable.Sc before 5.14.0 could allow an authenticated remote attacker to craft a request to execute arbitrary script code in a user's browser session. Updated input validation techniques have been implemented to correct this issue...

CVE-2020-5737

Stored XSS in Tenable.Sc before 5.14.0 could allow an authenticated remote attacker to craft a request to execute arbitrary script code in a user's browser session. Updated input validation techniques have been implemented to correct this issue...

CVE-2019-16010 Cisco SD-WAN Solution vManage Stored Cross-Site Scripting Vulnerability

A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the vManage software. The vulnerability is due to insufficient validation of...

CVE-2019-16010 Cisco SD-WAN Solution vManage Stored Cross-Site Scripting Vulnerability

A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the vManage software. The vulnerability is due to insufficient validation of...

Cisco Prime Collaboration Provisioning Cross-Site Scripting Vulnerability (cisco-sa-prime-collab-xss-RjRCe9n7)

According to its self-reported version, Cisco Prime Collaboration Provisioning is affected by a cross-site scripting vulnerability in the web-based management interface due to insufficient validation of user-supplied input. An unauthenticated, remote attacker could exploit this by persuading a us...

Cisco SD-WAN Solution vManage Stored Cross-Site Scripting Vulnerability

A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the vManage software. The vulnerability is due to insufficient validation of...

CVE-2020-3157

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface. The vulnerability is due to insufficient validation of user-supplied...