Lucene search
K

7613 matches found

CNNVD
CNNVD
added 2021/08/26 12:0 a.m.4 views

DzzOffice 跨站脚本漏洞

DzzOffice is a platform from IBM DzzOffice in the United States that provides online collaborative office suite functionality. The platform can be used to provide online documents, forms, web disk, presentations and other functions. A security vulnerability exists in the referer parameter of...

6.1CVSS6.7AI score0.00677EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/08/26 12:0 a.m.40 views

Atlassian JIRA < 8.5.14 / 8.6.x < 8.13.6 / 8.14.x < 8.16.1 XSS (JRASERVER-72392)

According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is affected by a cross-site scripting vulnerability in the number range searcher component due to improper validation of user-supplied input before returning it to users. An...

6.1CVSS6.4AI score0.03841EPSS
Exploits4References2
CNNVD
CNNVD
added 2021/08/25 12:0 a.m.4 views

Six Apart Movable Type 跨站脚本漏洞

Six Apart Movable Type MT is a blogging system from Six Apart USA. The system includes features such as multiple users, comments, quotes, and topics. Six Apart Movable Type suffers from a cross-site scripting vulnerability that stems from the application's insufficient cleansing of user-supplied...

6.1CVSS6.4AI score0.009EPSS
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/08/25 12:0 a.m.71 views

JVN#97545738: Multiple cross-site scripting vulnerabilities in Movable Type

Movable Type provided by Six Apart Ltd. contains multiple cross-site scripting vulnerabilities listed below. Cross-site scripting vulnerability in Search screen CWE-79 - CVE-2021-20808 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS...

6.1CVSS6.5AI score0.00904EPSS
Exploits0
Cvelist
Cvelist
added 2021/08/24 11:20 a.m.19 views

CVE-2021-33191 MiNiFi CPP arbitrary script execution is possible on the agent's host machine through the c2 protocol

From Apache NiFi MiNiFi C++ version 0.5.0 the c2 protocol implements an "agent-update" command which was designed to patch the application binary. This "patching" command defaults to calling a trusted binary, but might be modified to an arbitrary value through a "c2-update" command. Said command ...

9.6AI score0.04024EPSS
Exploits0References3
OSV
OSV
added 2021/08/18 6:15 a.m.2 views

CVE-2021-20769

Cross-site scripting vulnerability in Bulletin of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

5.4CVSS6.2AI score0.00605EPSS
Exploits0References2
OSV
OSV
added 2021/08/18 6:15 a.m.2 views

CVE-2021-20766

Cross-site scripting vulnerability in Message of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS6.3AI score0.00757EPSS
Exploits0References2
NVD
NVD
added 2021/08/18 6:15 a.m.14 views

CVE-2021-20766

Cross-site scripting vulnerability in Message of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS0.00757EPSS
Exploits0References2
NVD
NVD
added 2021/08/18 6:15 a.m.13 views

CVE-2021-20767

Cross-site scripting vulnerability in Full Text Search of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

5.4CVSS0.00608EPSS
Exploits0References2
NVD
NVD
added 2021/08/18 6:15 a.m.14 views

CVE-2021-20771

Cross-site scripting vulnerability in some functions of E-Mail of Cybozu Garoon 4.0.0 to 5.5.0 allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS0.00796EPSS
Exploits0References2
NVD
NVD
added 2021/08/18 6:15 a.m.26 views

CVE-2021-20792

Cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.1.14 allows a remote attacker to inject arbitrary script via unspecified vectors...

6.1CVSS0.03515EPSS
Exploits1References4
OSV
OSV
added 2021/08/18 6:15 a.m.2 views

CVE-2021-20770

Cross-site scripting vulnerability in Message of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

5.4CVSS6.2AI score0.00605EPSS
Exploits0References2
Prion
Prion
added 2021/08/18 6:15 a.m.20 views

Cross site scripting

Cross-site scripting vulnerability in Message of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

3.5CVSS5.6AI score0.00605EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/08/18 6:15 a.m.24 views

Cross site scripting

Cross-site scripting vulnerability in Full Text Search of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

3.5CVSS5.6AI score0.00608EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/08/18 6:15 a.m.20 views

Cross site scripting

Cross-site scripting vulnerability in some functions of E-Mail of Cybozu Garoon 4.0.0 to 5.5.0 allows a remote attacker to inject an arbitrary script via unspecified vectors...

4.3CVSS6.2AI score0.00796EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/08/18 6:15 a.m.14 views

Cross site scripting

Cross-site scripting vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

3.5CVSS5.6AI score0.00605EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/08/18 6:15 a.m.16 views

Cross site scripting

Cross-site scripting vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker to inject an arbitrary script via unspecified vectors...

4.3CVSS6.2AI score0.008EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/08/18 5:36 a.m.24 views

CVE-2021-20792

Cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.1.14 allows a remote attacker to inject arbitrary script via unspecified vectors...

6.2AI score0.03515EPSS
Exploits1References4
Cvelist
Cvelist
added 2021/08/18 5:36 a.m.20 views

CVE-2021-20771

Cross-site scripting vulnerability in some functions of E-Mail of Cybozu Garoon 4.0.0 to 5.5.0 allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.5AI score0.00796EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/08/18 5:36 a.m.16 views

CVE-2021-20769

Cross-site scripting vulnerability in Bulletin of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

6AI score0.00605EPSS
Exploits0References2
Rows per page
Query Builder