CVE-2016-8232

Document Object Model-DOM based cross-site scripting vulnerability in the Advanced Management Module AMM versions earlier than 66Z of Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 allows an unauthenticated attacker with access to the AMM's IP address to send a crafted URL that could inject...

CVE-2017-3838

A vulnerability in Cisco Secure Access Control System ACS could allow an unauthenticated, remote attacker to conduct a DOM-based cross-site scripting XSS attack against the user of the web interface of the affected system. More Information: CSCvc04838. Known Affected Releases: 5.82.5...

Cross site scripting

A vulnerability in Cisco Secure Access Control System ACS could allow an unauthenticated, remote attacker to conduct a DOM-based cross-site scripting XSS attack against the user of the web interface of the affected system. More Information: CSCvc04838. Known Affected Releases: 5.82.5...

Cisco Secure Access Control System Cross-Site Scripting Vulnerability

A vulnerability in Cisco Secure Access Control System ACS could allow an unauthenticated, remote attacker to conduct a DOM-based cross-site scripting XSS attack against the user of the web interface of the affected system. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be...

Cisco Secure Access Control System Cross-Site Scripting Vulnerability

A vulnerability in Cisco Secure Access Control System ACS could allow an unauthenticated, remote attacker to conduct a DOM-based cross-site scripting XSS attack against the user of the web interface of the affected system. The vulnerability is due to insufficient input validation of a user-suppli...

DOM-Based Cross-Site Scripting Vulnerability in the Advanced Management Module (AMM) - Lenovo Support US

No description provided...

Algolia: [github.algolia.com] DOM Based XSS github-btn.html

Description === Vulnerable parameter: user Vulnerable script: https://github.algolia.com/github-btn.html Vulnerable code: js var params = function for var t, e = , o = window.location.href.slicewindow.location.href.indexOf"?" + 1.split"&", r = 0; r HTMLHTMLHTMLHTMLHTMLHTML&type=follow PoC 2 XSS f...

Ubiquiti Inc.: [nutty.ubnt.com] DOM Based XSS nuttyapp github-btn.html

Description === Vulnerable parameter: user Vulnerable script: http://nutty.ubnt.com/github-btn.html Vulnerable code: js var params = function var vars = , hash; var hashes = window.location.href.slicewindow.location.href.indexOf'?' + 1.split'&'; forvar i = 0; i HTMLHTMLHTMLHTMLHTMLHTML&type=follo...

CVE-2017-2929

Adobe Acrobat Chrome extension version 15.1.0.3 and earlier have a DOM-based cross-site scripting vulnerability. Successful exploitation could lead to JavaScript code execution...

Cross site scripting

Adobe Acrobat Chrome extension version 15.1.0.3 and earlier have a DOM-based cross-site scripting vulnerability. Successful exploitation could lead to JavaScript code execution...

CVE-2017-2929

Adobe Acrobat Chrome extension version 15.1.0.3 and earlier have a DOM-based cross-site scripting vulnerability. Successful exploitation could lead to JavaScript code execution...

CVE-2017-2929

The CVE-2017-2929 entry concerns Adobe Acrobat extension for Chrome (version 15.1.0.3 and earlier). The connected sources confirm a DOM-based cross-site scripting vulnerability that can lead to JavaScript code execution in the context of the affected page due to improper input validation within t...

Slack: dom xss in https://www.slackatwork.com

https://www.slackatwork.com/wp-content/themes/twentyfifteen/genericons//example.html1...

Discourse: DOM Based XSS in Discourse Search

Steps to Reproduce: 1. Load http://try.discourse.org 2.Now From Top Right Corner Click on Search Button 3. Enter payload their Payload: @prompt1337gmail.com 4: Now in new windows that opens click on advance search and The XSS will Occur : 5: Now copy the link and send to victim there the XSS will...

Horos 2.1.0 Web Portal DOM Based XSS

Summary Horos™ is an open-source, free medical image viewer. The goal of the Horos Project is to develop a fully functional, 64-bit medical image viewer for OS X. Horos is based upon OsiriX and other open source medical imaging libraries. Description Horos suffers from a DOM-based XSS vulnerabili...

Horos 2.1.0 Cross Site Scripting

Horos 2.1.0 Web Portal DOM Based XSS Vendor: Horos Project Product web page: https://www.horosproject.org Affected version: 2.1.0 Summary: HorosaC/ is an open-source, free medical image viewer. The goal of the Horos Project is to develop a fully functional, 64-bit medical image viewer for OS X...

Horos 2.1.0 Cross Site Scripting Vulnerability

Exploit for macOS platform in category dos / poc Horos 2.1.0 Web Portal DOM Based XSS Vendor: Horos Project Product web page: https://www.horosproject.org Affected version: 2.1.0 Summary: HorosaC/ is an open-source, free medical image viewer. The goal of the Horos Project is to develop a fully...

OsiriX Web Portal 8.0.1 DOM Based XSS

Summary With high performance and an intuitive interactive user interface, OsiriX MD is the most widely used DICOM viewer in the world. It is the result of more than 10 years of research and development in digital imaging. It fully supports the DICOM standard for an easy integration in your...

U.S. Dept Of Defense: DOM Based XSS on an Army website

A U.S. Army website was vulnerable to a DOM based cross-site scripting attack which may be used to trick a web user into executing a malicious script, potentially revealing a user's browser cookies or modify web content. juliocesar was able to demonstrate this vulnerability by crafting a speciall...

Informatica: [kb.informatica.com] DOM based XSS in the bindBreadCrumb function

The bindBreadCrumb function, which is called after the document is loaded: javascript $document.readyfunction bindBreadCrumb; ; has the following insecure link assignments, that use non-encoded URL values: javascript strChild = "Search Results"; strChild = "Search Results"; strChild = "Search...