Telegram 跨站脚本漏洞

Telegram is an instant messaging mobile application. version 0.6.1 of Telegram Web K Alpha is vulnerable to a cross-site scripting vulnerability that stems from the fact that Telegram Web K Alpha allows XSS to pass through document names. An attacker could exploit the vulnerability to execute...

WordPress Cross-site Request Forgery Vulnerability (CNVD-2021-59587)

WordPress is a set of blogging platforms developed by the WordPress Wordpress Foundation using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers.A cross-site request forgery vulnerability exists in the WooCommerce Stock Manager WordPress plugin,...

NCH Axon PBX Cross-Site Scripting Vulnerability (CNVD-2021-55883)

NCH Axon PBX is a set of virtual telephone switch software used in a business environment. A cross-site scripting vulnerability exists in NCH Axon PBX, which stems from the fact that the product's customer name does not properly filter special characters in the input data and can be exploited to...

NCH Axon PBX Cross-Site Scripting Vulnerability (CNVD-2021-55885)

NCH Axon PBX is a set of virtual telephone switch software used in business environments. The software is primarily used to manage telephone call centers and implements the functionality of a telephone switch in software.A cross-site scripting vulnerability exists in NCH Axon PBX, which stems fro...

NCH Axon PBX Cross-Site Scripting Vulnerability (CNVD-2021-55882)

NCH Axon PBX is a set of virtual telephone switch software used in commercial environments. The software is primarily used to manage telephone call centers and implements the functionality of a telephone switch in software.A cross-site scripting vulnerability exists in NCH Axon PBX, which stems...

NCH Quorum Cross-Site Scripting Vulnerability

NCH Quorum is a teleconference server software. It can turn any computer into a conference call server. A cross-site scripting vulnerability exists in NCH Quorum, which stems from the product's /conferencebrowseuploadfile?confid=failure to properly handle user input data and can be exploited to...

NCH IVM Attendant Cross-Site Scripting Vulnerability

NCH IVM Attendant is an application of nch. A cross-site scripting vulnerability exists in NCH IVM Attendant, which stems from the product's Mailbox name failing to properly filter incoming data for special characters, and could be exploited by attackers to execute client-side code...

NCH Axon PBX Cross-Site Scripting Vulnerability (CNVD-2021-55884)

NCH Axon PBX is a virtual phone switch software used in business environments. A cross-site scripting vulnerability exists in NCH Axon PBX, which stems from the failure of the product's primary phone to properly filter incoming data for special characters, which can be exploited to execute...

MISP 跨站脚本漏洞

MISP is an open source software solution. The product is used to collect, store, distribute, and share cybersecurity metrics and has features such as threat cybersecurity event analysis and malware analysis. MISP suffers from a cross-site scripting vulnerability that stems from...

NCH Axon PBX Cross-Site Scripting Vulnerability (CNVD-2021-55887)

NCH Axon PBX is a set of virtual telephone switch software used in commercial environments. A cross-site scripting vulnerability exists in NCH Axon PBX, which stems from the failure of the product's outbound dialing plan to properly filter incoming data for special characters, which can be...

NCH Axon PBX 跨站脚本漏洞

NCH Axon PBX is a set of virtual telephone switch software used in commercial environments. The software is primarily used to manage telephone call centers and implements the functionality of a telephone switch in software.A cross-site scripting vulnerability exists in NCH Axon PBX, which stems...

NCH Axon PBX 跨站脚本漏洞

NCH Axon PBX is a set of virtual telephone switch software used in commercial environments. A cross-site scripting vulnerability exists in NCH Axon PBX, which stems from the failure of the product's outbound dialing plan to properly filter incoming data for special characters, which can be...

NCH Axon PBX 跨站脚本漏洞

NCH Axon PBX is a set of virtual telephone switch software used in commercial environments. The software is primarily used to manage telephone call centers and implements the functionality of a telephone switch in software.A cross-site scripting vulnerability exists in NCH Axon PBX, which stems...

NCH Axon PBX 跨站脚本漏洞

NCH Axon PBX is a set of virtual telephone switch software used in business environments. The software is primarily used to manage telephone call centers and implements the functionality of a telephone switch in software.A cross-site scripting vulnerability exists in NCH Axon PBX, which stems fro...

NCH IVM Attendant 跨站脚本漏洞

NCH IVM Attendant is an application of nch. A cross-site scripting vulnerability exists in NCH IVM Attendant, which stems from the product's Mailbox name failing to properly filter incoming data for special characters, and could be exploited by attackers to execute client-side code...

NCH Axon PBX 跨站脚本漏洞

NCH Axon PBX is a set of virtual telephone switch software used in commercial environments. A cross-site scripting vulnerability exists in NCH Axon PBX, which stems from the failure of the product's extension name to properly filter special characters in input data, and can be exploited to execut...

WordPress 跨站请求伪造漏洞

WordPress is a set of blogging platforms developed by the WordPress Wordpress Foundation using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers.A cross-site request forgery vulnerability exists in the WooCommerce Stock Manager WordPress plugin,...

Aruba Instant 跨站脚本漏洞

Aruba Instant is a wireless network from Aruba USA. provides the only Wi-Fi solution that is easy to set up. A cross-site scripting vulnerability exists in Aruba Instant Access Point IAP, which stems from a WEB application that lacks proper validation of client data. An attacker could exploit the...

IBM Cloud Pak for Applications Cross-Site Scripting Vulnerability (CNVD-2022-05118)

IBM Cloud Pak for Applications is an application from IBM USA, Inc. A cross-site scripting vulnerability exists in IBM Cloud Pak for Applications, which stems from the product's lack of validation of user-side data, and could be exploited by an attacker to execute client-side code and potentially...

UMeditor 跨站脚本漏洞

UMeditor is an editor application. A security vulnerability exists in umeditor, which stems from a cross-site scripting XSS vulnerability in umeditor v1.2.3. An attacker can exploit the vulnerability to execute client-side code...