2423 matches found
SA-CONTRIB-2015-022 - nodeauthor - Cross Site Scripting (XSS) - Unsupported
This module displays node author information in a jQuery slider. The module doesn't sufficiently sanitize Profile2 fields in a provided block. This vulnerability is mitigated by the fact that an attacker must have a user account allowed to edit profile fields. CVE identifiers issued CVE-2015-3365...
MGASA-2014-0559 Updated couchdb packages fix CVE-2010-5312
Updated couchdb packages fix security vulnerability: Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option CVE-2010-5312. The embedded copy of jQuery UI in...
Updated couchdb packages fix CVE-2010-5312
Updated couchdb packages fix security vulnerability: Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option CVE-2010-5312. The embedded copy of jQuery UI in...
IPCop 2.1.4 Cross Site Request Forgery / Cross Site Scripting
Exploit Title: IPCop = 2.1.4 XSS to CSRF to Remote Command Execution Date: 21/12/2014 Author: Yann CAM @ Synetis - ASafety Vendor or Software Link: www.ipcop.org - www.ipcop.org/download.php Version: 2.1.4 Category: Remote Command Execution Google dork: Tested on: IPCop distribution IPCop...
Fedora 20 : couchdb-1.6.1-4.fc20 (2014-16048)
Fix CVE-2010-5312 couchdb: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option rhbz 1166767 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
CVE-2012-6662
Cross-site scripting XSS vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo...
DEBIAN-CVE-2012-6662
Cross-site scripting XSS vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo...
CVE-2012-6662
Cross-site scripting XSS vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo...
Cross site scripting
Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option...
CVE-2010-5312
Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option...
CVE-2010-5312
Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option...
UBUNTU-CVE-2012-6662
Cross-site scripting XSS vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo...
CVE-2012-6662
Cross-site scripting XSS vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo...
Cross site scripting
Cross-site scripting XSS vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo...
DEBIAN-CVE-2010-5312
Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option...
CVE-2010-5312
Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option...
UBUNTU-CVE-2010-5312
Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option...
CVE-2012-6662
CVE-2012-6662 is a cross-site scripting (XSS) vulnerability in the default content option of jquery.ui.tooltip.js (Tooltip widget) in jQuery UI before 1.10.0. The issue allows remote attackers to inject arbitrary script/HTML via the title attribute, exploitable through the autocomplete combo box ...
CVE-2012-6662
Cross-site scripting XSS vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo...
CVE-2012-6662
Cross-site scripting XSS vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo...