Backdrop CMS Cross-Site Scripting Vulnerability (CNVD-2020-03708)

Backdrop CMS is an open source content management system CMS. A cross-site scripting vulnerability exists in Backdrop CMS version 1.13.x before 1.13.5 and version 1.14.x before 1.14.2. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker...

SolarWinds Serv-U FTP Server Cross-Site Scripting Vulnerability (CNVD-2019-46256)

SolarWinds Serv-U FTP Server is a set of U.S. SolarWinds FTP and MFT file transfer software. A cross-site scripting vulnerability exists in SolarWinds Serv-U FTP Server version 15.1.7. The vulnerability stems from a lack of proper validation of client data by the WEB application. An attacker coul...

WordPress CleanTalk cleantalk-spam-protect cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.CleanTalk cleantalk-spam-protect is a spam-protection plugin used in it. A cross-site scripting vulnerability exists in WordPress...

nopCommerce Cross-Site Scripting Vulnerability

nopCommerce is a set of open source general e-commerce platform. nopCommerce 4.20 and earlier versions of PresentationNop.WebAreasAdminControllersNewsController.cs and PresentationNop. WebAreasAdminControllersBlogController.cs components have a cross-site scripting vulnerability in the...

Documize Cross-Site Scripting Vulnerability

Documize is an open source document collaboration system built on Golang and EmberJS. A cross-site scripting vulnerability exists in the domain/section/markdown/markdown.go file in Documize versions prior to 3.5.1. The vulnerability stems from the lack of proper validation of client-side data by...

QNAP Systems QNAP Music Station Cross-Site Scripting Vulnerability

QNAP Systems QNAP Music Station is a music playback and management application from QNAP Systems. A cross-site scripting vulnerability exists in QNAP Systems Music Station. The vulnerability stems from a lack of proper validation of client data in the web application. An attacker can exploit this...

TIBCO Software EBX Web Server Component Cross-Site Scripting Vulnerability

TIBCO Software EBX is a suite of enterprise data management solutions from TIBCO Software, USA. A cross-site scripting vulnerability exists in the web server component of TIBCO Software EBX, which stems from a lack of proper validation of client data in the web application and can be exploited by...

Alfresco Software Alfresco Enterprise Cross-Site Scripting Vulnerability

Alfresco Software Alfresco Enterprise is the enterprise version of an enterprise content management system from Alfresco Software. The system includes document management, office collaboration and other features. A cross-site scripting vulnerability exists in Alfresco Software Alfresco Enterprise...

WordPress CSS Hero Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.CSS Hero is a CSS creation plugin used in it. A cross-site scripting vulnerability exists in WordPress CSS Hero 4.0.3 and earlier...

SALTO ProAccess SPACE Cross-Site Scripting Vulnerability

Salto Systems ProAccess SPACE is a web-based access control management tool from Salto Systems, Spain. A cross-site scripting vulnerability exists in Salto Systems ProAccess SPACE version 5.4.3.0. The vulnerability stems from a lack of proper validation of client data by the WEB application. An...

Dolibarr ERP/CRM Cross-Site Scripting Vulnerability (CNVD-2019-45129)

Dolibarr ERP/CRM is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. A cross-site scripting vulnerability exists in Dolibarr CRM/ER...

Pivotal Software RabbitMQ Cross-Site Scripting Vulnerability

Pivotal Software RabbitMQ is the United States Pivotal Software, Inc. of a set of implementation of the Advanced Message Queuing Protocol AMQP open source message broker software. A cross-site scripting vulnerability exists in Pivotal Software RabbitMQ. The vulnerability stems from a lack of prop...

CloudBees Jenkins Cross-Site Scripting Vulnerability (CNVD-2019-42822)

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . LTS is a long-term support for...

AngularJS Cross-Site Scripting Vulnerability

AngularJS is a TypeScript-based open source web application framework. A cross-site scripting vulnerability exists in AngularJS, which stems from the lack of proper validation of client-side data in a WEB application and can be exploited by an attacker to execute client-side code...

Ilch Cross-Site Scripting Vulnerability

Ilch is an open source content management system CMS. A cross-site scripting vulnerability exists in Ilch. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this vulnerability to execute client-side code...

WordPress download-plugins-dashboard plugin cross-site scripting vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress download-plugins-dashboard plugin. The...

Magento cross-site scripting vulnerability (CNVD-2020-52442)

Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions. A cross-site scripting vulnerability exists in Magento version 2.2 and 2.3. The vulnerability stems from a lack o...

TYPO3 cross-site scripting vulnerability (CNVD-2019-41233)

TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Association. A cross-site scripting vulnerability exists in TYPO3 versions prior to 4.3.12, 4.4.x prior to 4.4.9 and 4.5.x prior to 4.5.4. The vulnerability stems from a lack of proper validation of...

Pagure Cross-Site Scripting Vulnerability (CNVD-2020-17195)

Pagure is a Git repository written in Python to provide Web services. Pagure suffers from a cross-site scripting vulnerability. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to execute client-side cod...

IBM QRadar SIEM Cross-Site Scripting Vulnerability (CNVD-2019-44941)

IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A cross-site...