Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-24415)

The NETGEAR RBK50, among others, is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in multiple NETGEAR products, which stems from a lack of proper validation of client data by a WEB application and can be exploited by an attacker to execute client-side code...

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-27218)

The NETGEAR RBK50, among others, is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in multiple NETGEAR products, which stems from a lack of proper validation of client data by a WEB application and can be exploited by an attacker to execute client-side code...

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-26944)

NETGEAR D7800 and others are products of NETGEAR, Inc.NETGEAR D7800 is a wireless modem.NETGEAR R7500 is a wireless router.NETGEAR XR500 is a wireless router.NETGEAR R7500 is a wireless router.NETGEAR R7500 is a wireless router.NETGEAR R7500 is a wireless router.NETGEAR R7500 is a wireless...

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-24416)

The NETGEAR RBK50, among others, is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in multiple NETGEAR products, which stems from a lack of proper validation of client data by a WEB application and can be exploited by an attacker to execute client-side code...

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-24411)

The NETGEAR RBK50, among others, is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in multiple NETGEAR products, which stems from a lack of proper validation of client data by a WEB application and can be exploited by an attacker to execute client-side code...

Torchbox Wagtail Cross-Site Scripting Vulnerability

Torchbox Wagtail is an open source content management system CMS from Torchbox UK. A cross-site scripting vulnerability exists in Torchbox Wagtail version 2.8.1 and versions prior to 2.7.2. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An...

SAP NetWeaver AS ABAP Cross-Site Scripting Vulnerability

SAP NetWeaver AS ABAP Business Server is an application server for ABAP Advanced Business Application Programming from SAP, Germany. A cross-site scripting vulnerability exists in SAP NetWeaver AS ABAP Business Server Pages application CRMBSPFRAME. The vulnerability stems from a lack of proper...

Vastgota-Data ProVide Admin Web Interface Cross-Site Scripting Vulnerability

Vastgota-Data ProVide is a file transfer server with a graphical user interface from Vastgota-Data, Sweden. A cross-site scripting vulnerability exists in the Admin Web Interface in Vastgota-Data ProVide 13.1 and earlier versions. The vulnerability stems from a lack of proper validation of client...

pki-core cross-site scripting vulnerability (CNVD-2020-27179)

pki-core is a library that provides an API for PKI operations. A cross-site scripting vulnerability exists in pki-core. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...

IBM WebSphere Application Server Liberty Cross-Site Scripting Vulnerability (CNVD-2020-22194)

IBM WebSphere Application Server Liberty is a U.S. IBM company built on the Open Liberty project on top of the Java application server . A cross-site scripting vulnerability exists in IBM WebSphere Application Server Liberty. The vulnerability stems from a lack of proper validation of client-side...

Sunnet eHRD Cross-Site Scripting Vulnerability

Sunnet eHRD is a talent management system from Sun Chat Technology Company in Taiwan, China. The system supports talent management and performance management, etc. A cross-site scripting vulnerability exists in Sunnet eHRD. The vulnerability stems from the lack of proper validation of client-side...

Piwigo Cross-Site Scripting Vulnerability (CNVD-2020-24036)

Piwigo is a Web-based open source photo gallery software. The software includes features such as image management, image categorization and permission management. A cross-site scripting vulnerability exists in Piwigo version 2.10.1. The vulnerability stems from the lack of proper validation of...

Dell RSA Authentication Manager Cross-Site Scripting Vulnerability (CNVD-2020-23206)

Dell RSA Authentication Manager is a centralized suite of binary authentication software from Dell, Inc. The software centralizes the management of binary identities, security tokens, methods and users across physical sites. A cross-site scripting vulnerability exists in Dell RSA Authentication...

Mozilla Bleach Cross-Site Scripting Vulnerability

Mozilla Bleach is an HTML cleanup library from the Mozilla Foundation in the United States. A cross-site scripting vulnerability exists in bleach.clean in Mozilla Bleach versions prior to 3.12. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An...

UliCMS Cross-Site Scripting Vulnerability

UliCMS is an open source content management system. UliCMS suffers from a cross-site scripting vulnerability that stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...

Nagios XI Cross-Site Scripting Vulnerability (CNVD-2020-19531)

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A cross-site scripting vulnerability exists in Nagios XI version 5.6.11. The vulnerability stems from the...

CloudBees Jenkins Subversion Release Manager Plugin Cross-Site Scripting Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . Subversion Release Manager Plugin is used ...

Open edX Cross-Site Scripting Vulnerability

Open edX is an online learning management system. A cross-site scripting vulnerability exists in Open edX Ironwood.1, which stems from the lack of proper validation of client data in the WEB application and can be exploited by an attacker to execute client-side code...

pki-core cross-site scripting vulnerability (CNVD-2020-27183)

pki-core is a library that provides an API for PKI operations. A cross-site scripting vulnerability exists in pki-core. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...

Ignite Realtime Openfire Cross-Site Scripting Vulnerability (CNVD-2020-25831)

Ignite Realtime Openfire is the Ignite Realtime community of a Java development and based on XMPP formerly known as Jabber, Instant Messaging Protocol cross-platform open source real-time collaboration RTC server , it can build a highly efficient instant messaging server , and supports tens of...