Debian: Security Advisory (DLA-3368-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 3368-1] libreoffice security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3368-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucaries March 26, 2023 https://wiki.debian.org/LTS -...

Privilege escalation

Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments. Several URI Schemes are defined for this purpose. Links can be activated by clicks, or by automatic document events. The execution of such links must be subject to user approval. In the affected...

CVE-2022-47502 Apache OpenOffice: Macro URL arbitrary script execution

Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments. Several URI Schemes are defined for this purpose. Links can be activated by clicks, or by automatic document events. The execution of such links must be subject to user approval. In the affected...

CVE-2022-47502

Apache OpenOffice

CVE-2023-25593

Vulnerabilities within the web-based management interface of ClearPass Policy Manager could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browse...

CVE-2023-25592

Vulnerabilities within the web-based management interface of ClearPass Policy Manager could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browse...

Cross site scripting

Vulnerabilities within the web-based management interface of ClearPass Policy Manager could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browse...

MiroTalk P2P 跨站脚本漏洞

MiroTalk P2P is a simple, secure and fast real-time video conferencing software from MiroTalk. A security vulnerability exists in previous versions of MiroTalk P2P f535b35 that stems from the presence of a cross-site scripting XSS vulnerability, which can be exploited by an attacker to inject a...

Aruba Networks ClearPass Policy Manager 跨站脚本漏洞

Aruba Networks ClearPass Policy Manager is an Aruba Networks application that provides a secure access management system for wireless networks. A security vulnerability exists in Aruba Networks ClearPass Policy Manager that originates from the presence of Reflective Cross Site Scripting XSS, whic...

Cross site scripting

A cross-site scripting XSS vulnerability in the Edit Group function of ChurchCRM v4.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Edit Group Name text field...

Adobe Commerce 跨站脚本漏洞

Adobe Commerce is the United States of America Odobie Adobe company of a kind for merchants and brands of the world's leading digital commerce solutions. A cross-site scripting vulnerability exists in Adobe Commerce. The vulnerability stems from the application's lack of effective filtering and...

CVE-2023-25593 Reflected Cross Site Scripting Vulnerabilities (XSS) in ClearPass Policy Manager Web-Based Management Interface

Vulnerabilities within the web-based management interface of ClearPass Policy Manager could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browse...

CVE-2023-25592 Reflected Cross Site Scripting Vulnerabilities (XSS) in ClearPass Policy Manager Web-Based Management Interface

Vulnerabilities within the web-based management interface of ClearPass Policy Manager could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browse...

CVE-2023-27070

A stored cross-site scripting XSS vulnerability in TotalJS OpenPlatform commit b80b09d allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the platform name field...

CVE-2022-48111

A cross-site scripting XSS vulnerability in the checklogin function of SIPE s.r.l WI400 between version 8 and 11 included allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the f parameter...

Cisco Prime Infrastructure Stored XSS (cisco-sa-cisco-pi-epnm-xss-mZShH2J)

The version of Cisco Prime Infrastructure installed on the remote host is prior to 3.10.3. It is, therefore, affected by a cross-site scripting XSSvulnerability as referenced in the cisco-sa-cisco-pi-epnm-xss-mZShH2J advisory. This vulnerability is due to insufficient validation of user-supplied...

Cisco Evolved Programmable Network Manager Stored XSS (cisco-sa-cisco-pi-epnm-xss-mZShH2J)

The version of Cisco Evolved Programmable Network Manager installed on the remote host is prior to 7.0. It is, therefore, affected by a cross-site scripting XSSvulnerability as referenced in the cisco-sa-cisco-pi-epnm-xss-mZShH2J advisory. This vulnerability is due to insufficient validation of...

CVE-2023-27211

A cross-site scripting XSS vulnerability in /admin/navbar.php of Online Pizza Ordering System 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the page parameter...

PT-2023-21009 · Unknown · Online Pizza Ordering System

Name of the Vulnerable Software and Affected Versions: Online Pizza Ordering System version 1.0 Description: A cross-site scripting XSS issue in the /admin/navbar.php endpoint of the Online Pizza Ordering System allows attackers to execute arbitrary web scripts or HTML via a crafted payload...