15 matches found
JVN#95938761: UNIVERGE IX/IX-R/IX-V series routers provided by NEC Corporation vulnerable to cross-site scripting
UNIVERGE IX/IX-R/IX-V series routers provided by NEC Corporation contain the following vulnerability. Cross-site scripting (CWE-79) CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N Base Score 5.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score 6.1 CVE-2025-8153 Impact If a...
PT-2024-4821 · IBM · IBM InfoSphere Information Server
Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue is related to stored cross-site scripting, allowing users to embed arbitrary JavaScript code in the Web UI, potentially altering the intended functionality and leading to...
PT-2024-26340 · IBM · IBM WebSphere Application Server
Name of the Vulnerable Software and Affected Versions: IBM WebSphere Application Server versions 8.5 through 9.0 Description: The issue allows a privileged user to embed arbitrary JavaScript code in the Web UI, potentially altering the intended functionality and leading to credentials disclosure...
PT-2024-24277 · IBM · IBM Planning Analytics
Name of the Vulnerable Software and Affected Versions: IBM Planning Analytics Local versions 2.0 through 2.1 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted...
PT-2024-12051 · Unknown · MT Safeline X-Ray X3310
Name of the Vulnerable Software and Affected Versions: MT Safeline X-Ray X3310 webserver version NXG 19.05 Description: A reflected cross-site scripting (XSS) vulnerability exists, enabling a remote attacker to execute JavaScript code and obtain sensitive information in a victim's browser...
PT-2024-12443 · IBM · IBM InfoSphere Information Server
Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted sessio...
PT-2024-14024 · IBM · IBM Business Automation Workflow
Name of the Vulnerable Software and Affected Versions: IBM Business Automation Workflow versions 22.0.2 through 23.0.2 Description: This issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure withi...
PT-2023-28639 · Frauscher Sensortechnik GmbH · FDS101
Name of the Vulnerable Software and Affected Versions: Frauscher Sensortechnik GmbH FDS101 for FAdC/FAdCi versions 1.4.24 and all previous versions Description: The issue is related to a SQL injection vulnerability that can be exploited via manipulated parameters of the web interface without...
PT-2023-9806 · DrayTek · DrayTek Vigor
Name of the Vulnerable Software and Affected Versions: DrayTek Vigor versions 1.5.1.4 through 1.5.1.5 Description: The issue is related to the function sub 1225C in the mainfunction.cgi script of the DrayTek Vigor web interface, where inadequate data cleaning on the management level can be...
PT-2022-7382 · IBM · IBM Security Verify Governance
Name of the Vulnerable Software and Affected Versions: IBM Security Verify Governance, Identity Manager version 10.0.1 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, potentially altering the intended functionality and leading to credentials disclosure within...
PT-2022-25800 · IBM · IBM Cloud Transformation Advisor
Name of the Vulnerable Software and Affected Versions: IBM Cloud Transformation Advisor versions 2.0.1 through 3.3.1 Description: This issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within ...
PT-2022-3298 · TrueConf · TrueConf Server
Name of the Vulnerable Software and Affected Versions: TrueConf Server version 4.3.7 Description: The issue is related to the failure to neutralize script-related HTML tags on a web page, which can lead to basic cross-site scripting (stored). This can be initiated remotely. The exploit has been...
PT-2022-5106 · Moxa · Moxa MXView
Name of the Vulnerable Software and Affected Versions: Moxa MXView version 3.2.4 Description: The issue is related to the use of hardcoded credentials in the web interface of Moxa MXView, allowing a remote attacker to gain full access to the device by sending a specially crafted HTTP request. Thi...
PT-2019-17135 · IBM · IBM Content Navigator
Name of the Vulnerable Software and Affected Versions: IBM Content Navigator version 3.0CD Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session...
PT-2013-5035 · Red Hat · Red Hat Satellite
Name of the Vulnerable Software and Affected Versions: Red Hat Satellite versions 5.6 and earlier Description: The issue allows remote attackers to create administrator accounts due to the web interface not being disabled. Recommendations: For Red Hat Satellite versions 5.6 and earlier, disable t...