Lucene search
K

7613 matches found

Cisco
Cisco
added 2021/11/03 4:0 p.m.33 views

Cisco Webex Video Mesh Cross-Site Scripting Vulnerability

A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker...

6.1CVSS6AI score0.0075EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/10/29 12:0 a.m.21 views

Cisco Firepower Management Center Software Multiple Vulnerabilities (cisco-sa-fmc-xss-openredir-TVPMWJyg)

The version of Cisco Firerpower Management Center installed on the remote host is affected by multiple vulnerabilities as referenced in the cisco-sa-fmc-xss-openredir-TVPMWJyg advisory, as follows: - An authenticated, remote attacker can exploit a vulnerability in the web-based management interfa...

6.1CVSS6.1AI score0.00592EPSS
Exploits0References6
CNNVD
CNNVD
added 2021/10/28 12:0 a.m.2 views

Tiki Wiki 跨站脚本漏洞

Tiki Wiki is a Php-based wiki system for the Tiki community. A security vulnerability exists in TikiWiki v21.4, which allows an attacker to execute arbitrary web script or HTML by adding a payload under the Events module...

5.4CVSS6.1AI score0.00487EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/10/28 12:0 a.m.3 views

Tiki Wiki 跨站脚本漏洞

Tiki Wiki is a Php-based wiki system for the Tiki community. A security vulnerability exists in TikiWiki v21.4 that allows an attacker to execute arbitrary web script or HTML via a crafted payload under the Create Category module...

5.4CVSS6.2AI score0.00487EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/10/27 12:0 a.m.25 views

Cisco TelePresence Management Suite Stored XSS (cisco-sa-tms-xss-CwjZJSQc)

According to its self-reported version, Cisco TelePresence Management Suite is affected by a stored cross-site scripting XSS vulnerability in its web-based management interface due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can...

4.8CVSS5.7AI score0.00573EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/10/27 12:0 a.m.2 views

Sourcecodester Customer Relationship Management System 代码问题漏洞

Sourcecodester Customer Relationship Management System is an open source Php project by the individual developer Carlo Montero. Used to provide an online platform for companies to manage interactions with their customers or prospects. A file upload vulnerability exists in Sourcecodester Customer...

8.8CVSS5.8AI score0.0109EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/10/26 10:10 a.m.21 views

CVE-2020-5669

Cross-site scripting vulnerability in Movable Type Movable Type Premium 1.37 and earlier and Movable Type Premium Advanced 1.37 and earlier allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

5.1AI score0.00585EPSS
Exploits0References2
Hacker One
Hacker One
added 2021/10/23 7:43 p.m.13 views

Rocket.Chat: XSS in various MessageTypes

The Rocket.Chat vulnerability allowed arbitrary script execution in the receiving frontend client through the rendering of messages of various MessageTypes. The vulnerability affected versions 3.18.2 and 4.0.3. The issue was caused by the lack of sanitization of message parameters rendered from...

7.3AI score
Exploits0
OSV
OSV
added 2021/10/22 8:15 p.m.3 views

CVE-2020-36499

TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain a cross-site scripting XSS vulnerability in the content parameter of the Rubric Block Add module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the rubric name value...

5.4CVSS5.9AI score0.00551EPSS
Exploits1References1
Prion
Prion
added 2021/10/22 8:15 p.m.14 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Support module of SugarCRM v6.5.18 allows attackers to execute arbitrary web scripts or HTML via crafted payloads entered into the primary address state or alternate address state input fields...

3.5CVSS5.5AI score0.00562EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/10/22 8:15 p.m.8 views

Cross site scripting

Dropouts Technologies LLP Air Share v1.2 was discovered to contain a cross-site scripting XSS vulnerability in the devicename parameter. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the devicename information...

3.5CVSS5.3AI score0.00551EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/10/22 12:0 a.m.5 views

Fork CMS 跨站脚本漏洞

Fork CMS is an open source content management system CMS developed using PHP. The system contains blogs , questions and answers , forms and other modules . A cross-site scripting vulnerability exists in Fork CMS Content Management System version 5.8.0, which can be exploited by an attacker to...

5.4CVSS5.5AI score0.00576EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/10/22 12:0 a.m.2 views

Sugarcrm SugarCRM 跨站脚本漏洞

Sugarcrm SugarCRM is an open source Customer Relationship Management CRM system from SugarCRM Sugarcrm, USA. The system supports differentiated marketing, management and distribution of sales leads for different customer needs, and information sharing and tracking of sales representatives. SugarC...

5.4CVSS6AI score0.00562EPSS
Exploits1References2
NVD
NVD
added 2021/10/21 3:15 a.m.21 views

CVE-2021-34760

A vulnerability in the web-based management interface of Cisco TelePresence Management Suite TMS Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient input validation by the...

4.8CVSS0.00573EPSS
Exploits0References1
Prion
Prion
added 2021/10/21 3:15 a.m.24 views

Cross site scripting

A vulnerability in the web-based management interface of Cisco TelePresence Management Suite TMS Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient input validation by the...

3.5CVSS4.9AI score0.00573EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/10/21 2:50 a.m.71 views

CVE-2021-34789

Cisco Tetration’s web-based management interface contains a stored XSS flaw caused by insufficient input validation. An authenticated attacker with valid administrative credentials could inject malicious scripts into specific interface pages, allowing execution of arbitrary script in the affected...

4.8CVSS4.8AI score0.00575EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/10/21 2:50 a.m.21 views

CVE-2021-34760 Cisco TelePresence Management Suite Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco TelePresence Management Suite TMS Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient input validation by the...

4.8CVSS5.2AI score0.00573EPSS
Exploits0References1
NVD
NVD
added 2021/10/13 9:15 a.m.12 views

CVE-2021-20807

Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.0.0 to 3.1.9 allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS0.0073EPSS
Exploits0References2
NVD
NVD
added 2021/10/13 9:15 a.m.16 views

CVE-2021-20805

Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.7 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

5.4CVSS0.00585EPSS
Exploits0References2
NVD
NVD
added 2021/10/13 9:15 a.m.13 views

CVE-2021-20798

Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

5.4CVSS0.00588EPSS
Exploits0References2
Rows per page
Query Builder