IBM WebSphere Portal Cross-Site Scripting Vulnerability

IBM WebSphere Portal is a set of enterprise portal software developed by IBM. The software creates a platform that connects the internal and external parts of an organization, allowing employees, customers and suppliers to access internal data through the platform. A cross-site scripting...

Stored Cross-Site Scripting Vulnerability in DuoDuoRebate.com System Tag Parameters

DuoDuo rebate system is for e-commerce rebate, shopping guide to provide solutions, is the open source PHP rebate site system. DuoDuo rebate website system V8.3UTF8 official version February 10, 2017 there are stored cross-site scripting vulnerabilities. Due to the tag parameter failed to filter ...

CVE-2017-6799

A cross-site scripting XSS vulnerability in viewfilterspage.php in MantisBT before 2.2.1 allows remote attackers to inject arbitrary JavaScript via the 'viewtype' parameter...

CVE-2017-6799

A cross-site scripting XSS vulnerability in viewfilterspage.php in MantisBT before 2.2.1 allows remote attackers to inject arbitrary JavaScript via the 'viewtype' parameter...

CVE-2017-6797

A cross-site scripting XSS vulnerability in bugchangestatuspage.php in MantisBT before 1.3.7 and 2.x before 2.2.1 allows remote attackers to inject arbitrary JavaScript via the 'actiontype' parameter...

CVE-2017-6547

Cross-site scripting XSS vulnerability in httpd on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC68P, RT-N11P, RT-N12+, RT-N12E B1, RT-AC3200, RT-AC53U, RT-AC1750, RT-AC1900P, RT-N300, and RT-AC750 routers with firmwa...

CVE-2017-6547

Cross-site scripting XSS vulnerability in httpd on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC68P, RT-N11P, RT-N12+, RT-N12E B1, RT-AC3200, RT-AC53U, RT-AC1750, RT-AC1900P, RT-N300, and RT-AC750 routers with firmwa...

Cross site scripting

Cross-site scripting XSS vulnerability in httpd on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC68P, RT-N11P, RT-N12+, RT-N12E B1, RT-AC3200, RT-AC53U, RT-AC1750, RT-AC1900P, RT-N300, and RT-AC750 routers with firmwa...

IBM Connections Cross-Site Scripting Vulnerability (CNVD-2017-02723)

IBM Connections is a suite of social software platforms from IBM in the United States. The platform provides advanced analytics and real-time data monitoring capabilities, and accelerates web collaboration within and outside the organization through IBM SmartCloud services. A cross-site scripting...

CVE-2016-6055

IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Referen...

IBM Security Access Manager Arbitrary Code Injection Vulnerability

IBM Security Access Manager is a security access manager from IBM USA. A security vulnerability exists in IBM Security Access Manager. An attacker can exploit the vulnerability to inject arbitrary JavaScript script code, causing credential disclosure in a trusted session...

CVE-2016-6061

IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

CVE-2016-6125

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

Cross site scripting

IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

Man-in-the-middle Remote Code Execution Vulnerability in Ali Want Want Windows Edition

Aliwangwang is a personal transaction communication software customized for Taobao, which facilitates real-time communication between buyers and sellers in the transaction process. A man-in-the-middle remote code execution vulnerability exists in Ali Want Want for Windows. Since Ali Want Want use...

Cross-Site Scripting (XSS)

flower is vulnerable to cross-site scripting XSS attacks. A malicious user can inject and execute arbitrary javascript via the url due the lack of user input sanitization...

IBM Kenexa LMS on Cloud Cross-Site Scripting Vulnerability (CNVD-2017-00561)

IBM Kenexa LMS on Cloud is a configurable, enterprise-grade social learning management system LMS from IBM that integrates social networking, collaboration, and knowledge sharing capabilities. The system provides interactive features and supports users to evaluate learning content and share their...

IBM Kenexa LMS on Cloud Cross-Site Scripting Vulnerability (CNVD-2017-00562)

IBM Kenexa LMS on Cloud is a configurable, enterprise-grade social learning management system LMS from IBM that integrates social networking, collaboration, and knowledge sharing capabilities. The system provides interactive features and supports users to evaluate learning content and share their...

IBM Security Identity Manager Virtual Appliance Cross-Site Scripting Vulnerability (CNVD-2017-00457)

IBM Security Identity Manager ISIM is a suite of identity management and governance solutions from IBM in the United States. A cross-site scripting vulnerability exists in the IBM Security Identity Manager Virtual Appliance. An attacker can exploit this vulnerability to inject arbitrary JavaScrip...

Cross-Site Scripting (XSS)

delayedjobweb is vulnerable to cross-site scripting XSS attacks. The page that displays the queued jobs doesn't escape content, allowing a malicious user to inject and execute arbitrary Javascript...