19 matches found
CVE-2025-59989
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Device Discovery page that, when visited by another user, enables the attacker to execute commands with the target's...
CVE-2025-59989
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Device Discovery page that, when visited by another user, enables the attacker to execute commands with the target's...
CVE-2025-59989
CVE-2025-59989 affects Juniper Networks Junos Space prior to version 24.1R4. The issue is an Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) on the Device Discovery page, allowing an attacker to inject script tags which, when viewed by another user, can execute ...
PT-2025-41425
Name of the Vulnerable Software and Affected Versions Juniper Networks Junos Space versions prior to 24.1R4 Description An issue exists in Juniper Networks Junos Space that allows an attacker to inject script tags into the Device Discovery page. When another user visits this page, the attacker ca...
EUVD-2022-38121
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-35229
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authenticated user can create a link with reflected Javascript code inside it for the discovery page and send it to other users. The payload can be executed...
SUSE CVE-2022-35229
An authenticated user can create a link with reflected Javascript code inside it for the discovery page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict...
Zabbix Frontend Cross-Site Scripting Vulnerability (CNVD-2022-56704)
Zabbix Frontend is a monitoring software front-end tool from the American company Zabbix. A cross-site scripting vulnerability exists in Zabbix Frontend, which can be exploited by an authenticated attacker to create a link to a discovery page with reflected Javascript code and send it to other...
CVE-2022-35229
An authenticated user can create a link with reflected Javascript code inside it for the discovery page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict...
CVE-2022-35229
An authenticated user can create a link with reflected Javascript code inside it for the discovery page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict...
CVE-2022-35229
An authenticated user can create a link with reflected Javascript code inside it for the discovery page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict...
DEBIAN-CVE-2022-35229
An authenticated user can create a link with reflected Javascript code inside it for the discovery page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict...
CVE-2022-35229
An authenticated user can create a link with reflected Javascript code inside it for the discovery page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict...
UBUNTU-CVE-2022-35229
An authenticated user can create a link with reflected Javascript code inside it for the discovery page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict...
Cross site request forgery (csrf)
An authenticated user can create a link with reflected Javascript code inside it for the discovery page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict...
CVE-2022-35229
An authenticated user can create a link with reflected Javascript code inside it for the discovery page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict...
Zabbix Frontend 跨站脚本漏洞
Zabbix Frontend is a monitoring software front-end tool from the American company Zabbix. A cross-site scripting vulnerability exists in Zabbix Frontend, which can be exploited by an authenticated attacker to create a link to a discovery page with reflected Javascript code and send it to other...
PT-2022-6480 · Zabbix +4 · Zabbix +4
Name of the Vulnerable Software and Affected Versions: Zabbix affected versions not specified Description: The issue is related to the lack of protection of the web page structure in Zabbix, a universal monitoring system. An authenticated user can create a link with reflected Javascript code insi...
Cross-site Scripting (XSS)
kibana is vulnerable to cross-site scripting XSS attacks. A malicious user can inject and execute arbitrary JavaScript through the Discovery page...