IBM Rational Team Concert Cross-Site Scripting Vulnerability (CNVD-2017-15923)

IBM Rational Team Concert RTC is the U.S. IBM's set of Jazz-based platform and support for decentralized teams for real-time collaboration related to software lifecycle management solutions. A cross-site scripting vulnerability exists in IBM RTC. A remote attacker can exploit this vulnerability t...

IBM Jazz Reporting Service Cross-Site Scripting Vulnerability (CNVD-2017-15917)

IBM Jazz Reporting Service JRS is a suite of IBM USA applications for discovering cross-project reports that can be used in integration with IBM Rational CLM's Rational solution for managing all lifecycles of a development project. CLM users can access reports provided by JRS in dashboards,...

IBM Security Guardium Cross-Site Scripting Vulnerability (CNVD-2017-15930)

IBM Security Guardium is a suite of platforms from IBM in the United States that provide data protection capabilities. The platform includes easy UI customization, report management and discovery and a streamlined audit process builder. A cross-site scripting vulnerability exists in IBM Security...

IBM Rational Team Concert Cross-Site Scripting Vulnerability (CNVD-2017-15922)

IBM Rational Team Concert RTC is the U.S. IBM's set of Jazz-based platform and support decentralized teams for real-time collaboration related to software lifecycle management solutions. A cross-site scripting vulnerability exists in IBM RTC. A remote attacker can exploit this vulnerability to...

IBM WebSphere Portal Cross-Site Scripting Vulnerability (CNVD-2017-12583)

IBM WebSphere Portal is a set of enterprise portal software developed by IBM. The software creates a platform that connects the internal and external parts of an organization, allowing employees, customers and suppliers to access internal data through the platform. A cross-site scripting...

ntopng cross-site scripting vulnerability (CNVD-2017-16033)

NTOPNG is the next generation version of NTOP, computer software for monitoring traffic on a computer network. A cross-site scripting vulnerability exists in ntopng. The vulnerability stems from improper validation of GET and POST parameters and can be exploited by an attacker to inject arbitrary...

IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability (CNVD-2017-13820)

IBM Sterling B2B Integrator is a suite of software from IBM USA that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. A cross-site scripting vulnerability exists in IBM Sterling B...

CVE-2017-3948

Cross Site Scripting XSS in IMG Tags in the ePO extension in McAfee Data Loss Prevention Endpoint DLP Endpoint 10.0.x allows authenticated users to inject arbitrary web script or HTML via injecting malicious JavaScript into a user's browsing session...

Vaadin Framework 7.7.6 - 7.7.9 Javascript Injection Vulnerability

Vaadin Framework is prone to a Javascript injection vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vaadin:vaadin"...

IBM RCLM and RELM Cross-Site Scripting Vulnerabilities

IBM Rational Collaborative Lifecycle Management RCLM provides requirements management, quality management, change and configuration management, and project planning and tracking.IBM Rational Engineering Lifecycle Manager RELM visualizes, analyzes, and organize engineering lifecycle data and data...

Cross-site scripting vulnerability in multiple IBM products (CNVD-2017-11422)

IBM Rational Collaborative Lifecycle Management CLM and Rational Quality Manager RQM are both products of the U.S. company IBM. The former is a collaborative lifecycle management solution, the latter is a collaborative, Web-based quality management solution. A cross-site scripting vulnerability...

IBM Rational Collaborative Lifecycle Management and Rational Quality Manager Cross-Site Scripting Vulnerability

IBM Rational Collaborative Lifecycle Management CLM and Rational Quality Manager RQM are both products of the U.S. company IBM. The former is a collaborative lifecycle management solution, the latter is a collaborative, Web-based quality management solution. A cross-site scripting vulnerability...

IBM Rational Collaborative Lifecycle Management and Rational Quality Manager Cross-Site Scripting Vulnerability (CNVD-2017-11424)

IBM Rational Collaborative Lifecycle Management CLM and Rational Quality Manager RQM are both products of the U.S. company IBM. The former is a collaborative lifecycle management solution, the latter is a collaborative, Web-based quality management solution. A cross-site scripting vulnerability...

CVE-2017-9451

Cross site scripting XSS vulnerability in pages.editform.php in flatCore 1.4.6 allows remote attackers to inject arbitrary JavaScript via the PATHINFO in an acp.php URL, due to use of unsanitized $SERVER'PHPSELF' to generate URLs...

IBM Rational DOORS Next Generation Station Scripting Vulnerability (CNVD-2017-08547)

IBM Rational DOORS Next Generation DNS is a suite of software for capturing, tracking, analyzing, and managing requirements from IBM, USA. The software provides a single platform for global team collaboration to manage requirements more efficiently and share unified user, server and project...

CVE-2017-9420

Cross site scripting XSS vulnerability in the Spiffy Calendar plugin before 3.3.0 for WordPress allows remote attackers to inject arbitrary JavaScript via the yr parameter...

Contiki Operating System cc26xx-web-demo Cross-Site Scripting Vulnerability

Contiki Operating System is a small, open source, extremely portable multitasking operating system. cc26xx-web-demo is the application used to connect to cloud services. A cross-site scripting vulnerability exists in the MQTT/IBM Cloud Config page a.k.a. mqtt.html of cc26xx-web-demo in the Contik...

Storage-based Cross-site Scripting Vulnerability in Zibo Shining Network Technology Co. Ltd.'s Flash Website Building System

Flash CMS is a flash website system developed by Zibo Flash Network Technology Co. There is a stored cross-site scripting vulnerability in the flash CMS of Zibo Shining Network Technology Co. Attackers can use this vulnerability to insert malicious js code in the page, obtain user cookies and oth...

F5 BIG-IP APM Cross-Site Scripting Vulnerability

The F5 BIG-IP is a load balancer that uses a variety of distribution algorithms to distribute network requests to available servers in a server cluster, enabling network visitors to have the best possible networking experience by managing incoming Web data traffic and increasing effective network...

CVE-2016-9257

In F5 BIG-IP APM 12.0.0 through 12.1.2, non-authenticated users may be able to inject JavaScript into a request that will then be rendered and executed in the context of the Administrative user when the Administrative user is viewing the Access System Logs, allowing the non-authenticated user to...