Lucene search
K

7613 matches found

Prion
Prion
added 2023/01/05 7:15 a.m.22 views

Cross site scripting

Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary...

5.8CVSS6AI score0.00462EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/01/05 7:15 a.m.17 views

Cross site scripting

Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary...

5.8CVSS6AI score0.00462EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/01/05 7:15 a.m.28 views

Cross site scripting

A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting XSS attack against an administrative user of the interface. A successful exploit allows an attacker to execute...

4.9CVSS5.2AI score0.00507EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/03 7:55 p.m.7 views

CVE-2022-43532

A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct a stored cross-site scripting XSS attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script...

8CVSS5.8AI score0.00421EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/01/03 7:39 p.m.27 views

CVE-2022-43527

Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary...

6.1CVSS6.1AI score0.00462EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/01/03 7:34 p.m.7 views

CVE-2022-43526

Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary...

6.1CVSS6AI score0.00462EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/01/03 7:34 p.m.32 views

CVE-2022-43526

Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary...

6.1CVSS6.1AI score0.00462EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/01/03 7:28 p.m.5 views

CVE-2022-43525

Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary...

6.1CVSS6AI score0.00462EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/12/22 12:0 a.m.25 views

Fedora 35 : libreoffice (2022-775c747e4a)

The remote Fedora 35 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-775c747e4a advisory. LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command...

6.3CVSS6.7AI score0.04354EPSS
Exploits0References2
OSV
OSV
added 2022/12/21 6:15 p.m.5 views

CVE-2022-40841

A cross-site scripting XSS vulnerability in NdkAdvancedCustomizationFields v3.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payloads injected into the "htmlNodes" parameter...

6.1CVSS5.9AI score0.00499EPSS
Exploits1References2
OSV
OSV
added 2022/12/21 9:15 a.m.16 views

CVE-2022-44449

Stored cross-site scripting vulnerability in Zenphoto versions prior to 1.6 allows remote a remote authenticated attacker with an administrative privilege to inject an arbitrary script...

4.8CVSS5.8AI score
Exploits0References3
Cvelist
Cvelist
added 2022/12/21 12:0 a.m.29 views

CVE-2022-44449

Stored cross-site scripting vulnerability in Zenphoto versions prior to 1.6 allows remote a remote authenticated attacker with an administrative privilege to inject an arbitrary script...

5AI score0.00742EPSS
Exploits0References3
CVE
CVE
added 2022/12/19 12:0 a.m.52 views

CVE-2022-46287

DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier are affected by a cross-site scripting (CWE-79) vulnerability (CVE-2022-46287). A remote, unauthenticated attacker can inject arbitrary script into users’ browsers when interacting with the system. The issue is confirmed in multiple sources within the...

6.1CVSS6.2AI score0.00549EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/12/16 5:15 p.m.16 views

Cross site scripting

A vulnerability was found in Alinto SOGo up to 5.7.1 and classified as problematic. Affected by this issue is the function migrateMailIdentities of the file SoObjects/SOGo/SOGoUserDefaults.m of the component Identity Handler. The manipulation of the argument fullName leads to cross site scripting...

5.8CVSS6AI score0.00559EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2022/12/15 12:0 a.m.5 views

PT-2022-27380 · Unknown · Expense Tracker

Name of the Vulnerable Software and Affected Versions: Expense Tracker version 1.0 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat text field. Recommendations: For Expense Tracker version 1.0,...

5.4CVSS5.4AI score0.00465EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2022/12/15 12:0 a.m.5 views

CVE-2022-45033

A cross-site scripting XSS vulnerability in Expense Tracker 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat text field...

5.3AI score0.00465EPSS
Exploits1References1
OSV
OSV
added 2022/12/14 3:15 p.m.4 views

CVE-2022-31358

A reflected cross-site scripting XSS vulnerability in Proxmox Virtual Environment prior to v7.2-3 allows remote attackers to execute arbitrary web scripts or HTML via non-existent endpoints under path /api2/html/...

9CVSS6AI score0.01273EPSS
Exploits1References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/12/13 5:5 a.m.3 views

Redmine vulnerable to cross-site scripting

Overview Redmine contains a cross-site scripting vulnerability CWE-79 caused by improper Textile processing. Shiga Takuma of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...

6.1CVSS6AI score0.00429EPSS
Exploits0References7
Cvelist
Cvelist
added 2022/12/13 12:0 a.m.19 views

CVE-2022-45028

A cross-site scripting XSS vulnerability in Arris NVG443B 9.3.0h3d36 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request sent to /cgi-bin/logs.ha...

6AI score0.00526EPSS
Exploits1References2
Prion
Prion
added 2022/12/12 1:15 p.m.20 views

Cross site scripting

A vulnerability within the web-based management interface of Aruba EdgeConnect Enterprise could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim...

5.8CVSS5.9AI score0.0049EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder