HCL Leap 安全漏洞

HCL Leap is a low-code development platform from HCL India. HCL Leap has a security vulnerability that stems from the presence of an insecure default file type filtering policy that allows execution of insecure JavaScript in deployed applications...

Cross site scripting

Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in EndUserSummary page. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the...

CVE-2022-35697 AEM File Upload Security Issue leading to RXSS

Adobe Experience Manager Core Components version 2.20.6 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

CVE-2021-46680

A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the module form name field...

CVE-2021-46677

A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the event filter name field...

CVE-2021-46678

A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the service name field...

CVE-2021-46677

A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the event filter name field...

CVE-2021-46680

A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the module form name field...

CVE-2021-46676

A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the transactional maps name field...

Cross site scripting

A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the service name field...

Cross site scripting

A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the event filter name field...

CVE-2021-46679 Vulnerability XSS in service elements

A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via service elements...

GHSA-2FXF-QJ94-3F83 Apache JSPWiki XSS due to crafted request on XHRHtml2Markup.jsp

A carefully crafted request on XHRHtml2Markup.jsp could trigger an XSS vulnerability on Apache JSPWiki up to and including 2.11.2, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Version 2.11.3 contains a fix for th...

PT-2022-12897 · Unknown · Pandora Fms

Name of the Vulnerable Software and Affected Versions: Pandora FMS versions prior to 756 Description: A XSS issue exists that allows an attacker to execute javascript code via the event filter name field. Recommendations: For versions prior to 756, update to a version above 756 to resolve the iss...

Artica Pandora FMS 跨站脚本漏洞

Artica Pandora FMS is a monitoring system from the Spanish company Artica. The system monitors networks, servers, virtual infrastructures, applications, etc. in a visual way. A security vulnerability exists in Artica Pandora FMS version 756 and earlier versions. An attacker can exploit this...

Artica Pandora FMS 跨站脚本漏洞

Artica Pandora FMS is a monitoring system from the Spanish company Artica. The system monitors networks, servers, virtual infrastructures, applications, etc. in a visual way. A cross-site scripting vulnerability exists in Artica Pandora FMS version 756 and earlier. An attacker can exploit this...

Artica Pandora FMS 跨站脚本漏洞

Artica Pandora FMS is a monitoring system from the Spanish company Artica. The system monitors networks, servers, virtual infrastructures, applications, etc. in a visual way. A cross-site scripting vulnerability exists in Artica Pandora FMS version 756 and earlier. An attacker can exploit this...

CVE-2022-28732

A carefully crafted request on WeblogPlugin could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.11.3 or later...

PT-2022-18262 · Apache · Apache Jspwiki

Name of the Vulnerable Software and Affected Versions: Apache JSPWiki versions up to and including 2.11.2 Description: A carefully crafted request on the "XHRHtml2Markup.jsp" endpoint could trigger an issue, allowing an attacker to execute javascript in the victim's browser and potentially obtain...

Apache JSPWiki 跨站脚本漏洞

Apache JSPWiki is a U.S. Apache Apache Foundation , an open source WikiWiki engine built on Java, Servlet and JSP . A security vulnerability exists in Apache JSPWiki versions prior to 2.11.3, which stems from an XSS vulnerability that can be triggered by a crafted request on AJAXPreview.jsp. This...