2179 matches found
CVE-2023-36389
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.0, RUGGEDCOM ROX MX5000RE All versions V2.16.0, RUGGEDCOM ROX RX1400 All versions V2.16.0, RUGGEDCOM ROX RX1500 All versions V2.16.0, RUGGEDCOM ROX RX1501 All versions V2.16.0, RUGGEDCOM ROX RX1510 All versions V2.16.0...
Siemens RUGGEDCOM ROX 系列多款产品 跨站脚本漏洞
RUGGEDCOM products offer a degree of robustness and reliability that sets the standard for communication networks deployed in harsh environments. A cross-site scripting vulnerability exists in Siemens RUGGEDCOM ROX, which can be exploited by attackers to execute malicious javascript code by...
Siemens RUGGEDCOM ROX 系列多款产品 跨站脚本漏洞
RUGGEDCOM products offer a degree of robustness and reliability that sets the standard for communication networks deployed in harsh environments. A cross-site scripting vulnerability exists in Siemens RUGGEDCOM ROX, which can be exploited by attackers to execute malicious javascript code by...
Cross-site Scripting (XSS)
com.liferay.layout.seo.web is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to the lack of validation of the URLs in the layout module's SEO configuration, which allows an attacker to inject and execute malicious javascript or HTML via the...
Cross-Site Scripting (XSS)
tpwd/kesearch is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly validate user input before it output to the front end, allowing an attacker to inject and execute malicious javascript on victim's browser via indexed data...
Cross Site Scripting (XSS)
@udecode/plate-link is vulnerable to Cross Site Scripting XSS. The vulnerability exists because it does not properly validate url's, which allows an attacker to inject malicious JavaScript script into the system...
Cross-Site Scripting (XSS)
github.com/gitpod-io/gitpod is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly check for user input URLs which leads to redirection for some protocols outside of the trusted set of three vscode: vscode-insiders: jetbrains-gateway:, allowing an attacker to execute...
PyBB 跨站脚本漏洞
PyBB is an open source bulletin board for individual developers in Ben, UK. PyBB version 0.1.0 suffers from a cross-site scripting vulnerability that stems from the presence of a cross-site scripting vulnerability that allows an attacker to run malicious JavaScript code on the client side...
CVE-2023-29322
Adobe Experience Manager versions 6.5.16.0 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2023-29322
Adobe Experience Manager versions 6.5.16.0 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2023-29302
Adobe Experience Manager versions 6.5.16.0 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2023-29304
Adobe Experience Manager versions 6.5.16.0 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2023-29304
Adobe Experience Manager versions 6.5.16.0 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
Cross site scripting
Adobe Experience Manager versions 6.5.16.0 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2023-29322 Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79)
Adobe Experience Manager versions 6.5.16.0 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2023-29302 Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79)
Adobe Experience Manager versions 6.5.16.0 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2023-29302 Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79)
Adobe Experience Manager versions 6.5.16.0 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2023-2277
The WP Directory Kit plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.9. This is due to missing or incorrect nonce validation on the 'insert' function. This makes it possible for unauthenticated attackers to update the plugin's settings and...
CVE-2023-2277
The WP Directory Kit plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.9. This is due to missing or incorrect nonce validation on the 'insert' function. This makes it possible for unauthenticated attackers to update the plugin's settings and...
CVE-2023-2277 WP Directory Kit <= 1.1.9 - Cross-Site Request Forgery to Stored Cross-Site Scripting via wdk_resultitem
The WP Directory Kit plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.9. This is due to missing or incorrect nonce validation on the 'insert' function. This makes it possible for unauthenticated attackers to update the plugin's settings and...