CVE-2017-3838
A vulnerability in Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to conduct a DOM-based cross-site scripting (XSS) attack against the user of the web interface of the affected system. More Information: CSCvc04838. Known Affected Releases: 5.82.5...
Cisco Secure Access Control System Cross-Site Scripting Vulnerability
A vulnerability in Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to conduct a DOM-based cross-site scripting (XSS) attack against the user of the web interface of the affected system. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be...
Cisco Secure Access Control System Cross-Site Scripting Vulnerability
A vulnerability in Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to conduct a DOM-based cross-site scripting (XSS) attack against the user of the web interface of the affected system. The vulnerability is due to insufficient input validation of a user-suppli...
DOM-Based Cross-Site Scripting Vulnerability in the Advanced Management Module (AMM) - Lenovo Support US
No description provided...
Algolia: [github.algolia.com] DOM Based XSS github-btn.html
Description === Vulnerable parameter: user Vulnerable script: https://github.algolia.com/github-btn.html Vulnerable code: js var params = function for var t, e = , o = window.location.href.slicewindow.location.href.indexOf"?" + 1.split"&", r = 0; r HTMLHTMLHTMLHTMLHTMLHTML&type=follow PoC 2 XSS f...
Ubiquiti Inc.: [nutty.ubnt.com] DOM Based XSS nuttyapp github-btn.html
Description === Vulnerable parameter: user Vulnerable script: http://nutty.ubnt.com/github-btn.html Vulnerable code: js var params = function var vars = , hash; var hashes = window.location.href.slicewindow.location.href.indexOf'?' + 1.split'&'; forvar i = 0; i HTMLHTMLHTMLHTMLHTMLHTML&type=follo...
Cross site scripting
Adobe Acrobat Chrome extension version 15.1.0.3 and earlier have a DOM-based cross-site scripting vulnerability. Successful exploitation could lead to JavaScript code execution...
CVE-2017-2929
Adobe Acrobat Chrome extension version 15.1.0.3 and earlier have a DOM-based cross-site scripting vulnerability. Successful exploitation could lead to JavaScript code execution...
CVE-2017-2929
The CVE-2017-2929 entry concerns Adobe Acrobat extension for Chrome (version 15.1.0.3 and earlier). The connected sources confirm a DOM-based cross-site scripting vulnerability that can lead to JavaScript code execution in the context of the affected page due to improper input validation within t...
Slack: dom xss in https://www.slackatwork.com
https://www.slackatwork.com/wp-content/themes/twentyfifteen/genericons//example.html1...
Discourse: DOM Based XSS in Discourse Search
Steps to Reproduce: 1. Load http://try.discourse.org 2. Now from the top right corner click on the Search button 3. Enter the payload there. Payload: @prompt1337gmail.com 4. Now in the new window that opens, click on advanced search and the XSS will occur 5. Now copy the link and send it to the victim; there the XSS will...
Horos 2.1.0 Cross Site Scripting
Horos 2.1.0 Web Portal DOM Based XSS Vendor: Horos Project Product web page: https://www.horosproject.org Affected version: 2.1.0 Summary: Horos™ is an open-source, free medical image viewer. The goal of the Horos Project is to develop a fully functional, 64-bit medical image viewer for OS X...
Horos 2.1.0 Cross Site Scripting Vulnerability
Exploit for macOS platform in category dos / poc Horos 2.1.0 Web Portal DOM Based XSS Vendor: Horos Project Product web page: https://www.horosproject.org Affected version: 2.1.0 Summary: Horos™ is an open-source, free medical image viewer. The goal of the Horos Project is to develop a fully...
Horos 2.1.0 Web Portal DOM Based XSS
Summary Horos™ is an open-source, free medical image viewer. The goal of the Horos Project is to develop a fully functional, 64-bit medical image viewer for OS X. Horos is based upon OsiriX and other open source medical imaging libraries. Description Horos suffers from a DOM-based XSS vulnerabili...
OsiriX Web Portal 8.0.1 DOM Based XSS
Summary With high performance and an intuitive interactive user interface, OsiriX MD is the most widely used DICOM viewer in the world. It is the result of more than 10 years of research and development in digital imaging. It fully supports the DICOM standard for an easy integration in your...
U.S. Dept Of Defense: DOM Based XSS on an Army website
A U.S. Army website was vulnerable to a DOM-based cross-site scripting attack which may be used to trick a web user into executing a malicious script, potentially revealing a user's browser cookies or modifying web content. juliocesar was able to demonstrate this vulnerability by crafting a speciall...
Informatica: [kb.informatica.com] DOM based XSS in the bindBreadCrumb function
The bindBreadCrumb function, which is called after the document is loaded: $(document).ready(function () { bindBreadCrumb(); }); has the following insecure link assignments, that use non-encoded URL values: strChild = "Search Results"; strChild = "Search Results"; strChild = "Search...
Starbucks: Dom Based Xss DIV.innerHTML parameters store.starbucks*
Hi! This subdomain store.starbucks is vulnerable to DOM-based XSS. You are using the vulnerable library jQuery.V1101, parameters location.hash DIV.innerHTML. All subdomains of store.starbucks are vulnerable. It works in Chrome and IE 11, the current version. POC...
Unpatched Vulnerability on Wix.com Puts Millions of Sites at Risk
Update Cloud-based web host Wix.com is vulnerable to a DOM-based cross-site scripting vulnerability that can give attackers control over any of the millions of websites hosted on the platform. “Simply by adding a single parameter to any site created on Wix, the attacker can cause their JavaScript...