4382 matches found
CVE-2023-50808
Zimbra Collaboration before Kepler 9.0.0 Patch 38 GA allows DOM-based JavaScript injection in the Modern UI...
Design/Logic Flaw
Zimbra Collaboration before Kepler 9.0.0 Patch 38 GA allows DOM-based JavaScript injection in the Modern UI...
Synacor Zimbra Security Vulnerability
Synacor Zimbra is an open source email collaboration platform from Synacor, Inc. in the United States. A security vulnerability exists in Synacor Zimbra Collaboration. An attacker could exploit the vulnerability to inject DOM-based JavaScript...
CVE-2023-50808
Zimbra Collaboration before Kepler 9.0.0 Patch 38 GA allows DOM-based JavaScript injection in the Modern UI...
CVE-2023-50808
Zimbra Collaboration before Kepler 9.0.0 Patch 38 GA allows DOM-based JavaScript injection in the Modern UI...
CVE-2023-50808
CVE-2023-50808 affects Zimbra Collaboration prior to Kepler 9.0.0 Patch 38 GA, where the Modern UI is vulnerable to DOM-based JavaScript injection. The root cause is DOM manipulation in the Modern UI that enables injected script execution, as described across multiple sources. Impact statements i...
PT-2024-13974 · Zimbra · Zimbra Collaboration
Name of the Vulnerable Software and Affected Versions: Zimbra Collaboration versions prior to Kepler 9.0.0 Patch 38 GA Description: The issue allows DOM-based JavaScript injection in the Modern UI. This could potentially lead to malicious script execution. No information is provided about the...
Exploit for Cross-site Scripting in Setorinformatica S.I.L.
CVE-2024-24035 Title The SIL 3.1 is vulnerable to Cross Site...
Cross site scripting
DOM-based Cross Site Scripting XSS vulnerability in 'Tail Event Logs' functionality in Nagios Nagios Cross-Platform Agent NCPA before 2.4.0 allows attackers to run arbitrary code via the name element when filtering for a log...
CVE-2021-43584
Nagios Nagios Cross-Platform Agent (NCPA) prior to version 2.4.0 is affected by a DOM-based XSS in the Tail Event Logs functionality, exploitable via the name element when filtering logs. The root cause involves unsanitized input in the log-filtering path, leading to arbitrary code execution unde...
MTN Group: DOM Based Reflected Cross Site Scripting
The outdated version of Swagger used by the notification-server-v2.sz-my.mtn.com asset was found to be vulnerable to a DOM-based reflected cross-site scripting vulnerability. The vulnerability was triggered by crafting a malicious URL that resulted in the execution of arbitrary scripts in the...
CVE-2023-51064
QStar Archive Solutions Release RELEASE3-0 Build 7 Patch 0 was discovered to contain a DOM Based reflected XSS vulnerability within the component qnme-ajax?method=treetable...
CVE-2023-51063
QStar Archive Solutions Release RELEASE3-0 Build 7 Patch 0 was discovered to contain a DOM Based Reflected Cross Site Scripting XSS vulnerability within the component qnme-ajax?method=treelevel...
Cross site scripting
QStar Archive Solutions Release RELEASE3-0 Build 7 Patch 0 was discovered to contain a DOM Based reflected XSS vulnerability within the component qnme-ajax?method=treetable...
CVE-2023-51063
QStar Archive Solutions Release RELEASE3-0 Build 7 Patch 0 was discovered to contain a DOM Based Reflected Cross Site Scripting XSS vulnerability within the component qnme-ajax?method=treelevel...
CVE-2023-51064
QStar Archive Solutions Release RELEASE3-0 Build 7 Patch 0 was discovered to contain a DOM Based reflected XSS vulnerability within the component qnme-ajax?method=treetable...
QStar Archive Solutions Security Breach
QStar Archive Solutions is QStar's range of storage technologies for managing disk arrays, object storage, tape libraries, optical libraries, WORM and clouds private and hybrid. A security vulnerability exists in the QStar Archive Solutions RELEASE3-0 Build 7 release, which stems from a DOM-based...
CVE-2023-51064
QStar Archive Solutions Release RELEASE3-0 Build 7 Patch 0 was discovered to contain a DOM Based reflected XSS vulnerability within the component qnme-ajax?method=treetable...
CVE-2023-51063
QStar Archive Solutions Release RELEASE3-0 Build 7 Patch 0 was discovered to contain a DOM Based Reflected Cross Site Scripting XSS vulnerability within the component qnme-ajax?method=treelevel...
PT-2024-14042 · Qstar · Qstar Archive Solutions
Name of the Vulnerable Software and Affected Versions: QStar Archive Solutions version RELEASE 3-0 Build 7 Patch 0 Description: A DOM Based Reflected Cross Site Scripting XSS issue was found in the qnme-ajax component, specifically in the method=tree level endpoint. This allows for potential...