GHSA-826F-32QM-VM3J Jenkins vulnerable to Cross-site Scripting

Cross-site scripting XSS vulnerability in Jenkins before 1.514, LTS before 1.509.1, and Enterprise 1.466.x before 1.466.14.1 and 1.480.x before 1.480.4.1 allows remote authenticated users with write permission to inject arbitrary web script or HTML via unspecified vectors...

elecom lan 跨站脚本漏洞

elecom lan routers is a router from Elecom Japan. A cross-site scripting vulnerability exists in elecom lan routers, which can be exploited by an attacker to inject arbitrary script via an unspecified vector...

XWiki Platform Cross-Site Scripting Vulnerability

Xwiki Platform is a wiki platform for creating web collaboration applications from the French company Xwiki. XWiki Platform has a cross-site scripting vulnerability that can be exploited by attackers to persistently inject scripts...

PT-2020-13934 · Salesagility · Suitecrm

Name of the Vulnerable Software and Affected Versions: SuiteCRM version 7.11.13 Description: The issue is related to stored Cross-Site Scripting XSS in the Documents preview functionality. This could allow remote authenticated attackers to inject arbitrary web script or HTML. Recommendations: For...

CVE-2020-1482

A cross-site-scripting XSS vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint...

CVE-2020-1573

A cross-site-scripting XSS vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint...

PT-2020-3725 · Microsoft · Sharepoint Server +1

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Description: A cross-site-scripting XSS vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint...

CVE-2020-6535

Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had compromised the renderer process to inject scripts or HTML into a privileged page via a crafted HTML page...

CVE-2020-6470

Insufficient validation of untrusted input in clipboard in Google Chrome prior to 83.0.4103.61 allowed a local attacker to inject arbitrary scripts or HTML UXSS via crafted clipboard contents...

CVE-2020-5570

Cross-site scripting vulnerability in Sales Force Assistant version 11.2.48 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...

PT-2020-2205 · Microsoft · Sharepoint Server +1

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Microsoft SharePoint Foundation affected versions not specified Microsoft SharePoint Enterprise Server affected versions not specified Description: A cross-site scripting issue exist...

Microsoft SharePoint Cross-Site Scripting Vulnerability (CNVD-2020-10479)

Microsoft SharePoint Enterprise Server is an enterprise business collaboration platform. A cross-site scripting vulnerability exists in Microsoft SharePoint Enterprise Server, which can be exploited by remote attackers to inject malicious script or HTML code that can be used to obtain sensitive...

CVE-2019-1033

A cross-site-scripting XSS vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint...

CVE-2019-11533

CVE-2019-11533 affects ProjectSend prior to r1070, with a cross-site scripting (XSS) vulnerability that could allow remote attackers to inject arbitrary script/HTML. The issue stems from insufficient input sanitization in the affected component, enabling client-side script execution in the contex...

CVE-2019-0027

A persistent cross-site scripting XSS vulnerability in the Snort Rules configuration of Juniper ATP may allow authenticated user to inject arbitrary script and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform...

PT-2018-2034 · Microsoft · Sharepoint Server

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Description: A cross-site-scripting XSS issue exists due to improper sanitization of specially crafted web requests to an affected SharePoint server. This could allow a remote attack...

GetPocket Cross-Site Scripting Vulnerability

Pocket is the app to quickly save, discover, and recommend stories that interest you. A cross-site scripting vulnerability exists in GetPocket, which can be exploited by remote attackers to inject malicious script code or redirect users to malicious websites/phishing pages...

HP Network Automation Cross-Site Scripting Vulnerability (CNVD-2018-12125)

HP Network Automation Software is network configuration and management automation software. A cross-site scripting vulnerability exists in HP Network Automation, which could be exploited by remote attackers to inject malicious script or HTML code that, when viewed with malicious data, could gain...

UBUNTU-CVE-2018-5152

WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such as accounts.firefox.com and listen to network traffic to the site through the "webRequest" API. For example, this allows for the interception of username and an encrypted password during login to Firef...

CVE-2018-5135

WebExtensions can bypass normal restrictions in some circumstances and use "browser.tabs.executeScript" to inject scripts into contexts where this should not be allowed, such as pages from other WebExtensions or unprivileged "about:" pages. This vulnerability affects Firefox 59...