341 matches found
Cross site scripting
NETSCOUT nGeniusONE 6.3.0 build 1196 allows high-privileged users to achieve Stored Cross-Site Scripting XSS in FDSQueryService...
Xxe
NEI in NETSCOUT nGeniusONE 6.3.0 build 1196 allows XML External Entity XXE attacks...
Code injection
NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Arbitrary File Read operations via the FDSQueryService endpoint...
Cross site scripting
NETSCOUT nGeniusONE 6.3.0 build 1196 and earlier allows Stored Cross-Site Scripting XSS in UploadFile...
Cross site scripting
NETSCOUT nGeniusONE 6.3.0 build 1004 and earlier allows Stored Cross-Site Scripting XSS in the Packet Analysis module...
CVE-2021-35199
CVE-2021-35199 affects NETSCOUT nGeniusONE, specifically versions 6.3.0 build 1196 and earlier. The vulnerability arises from an insufficient input validation/filtering in the UploadFile function of the packet analysis module, enabling a stored Cross-Site Scripting (XSS) attack. Impact is describ...
CVE-2021-35199
NETSCOUT nGeniusONE 6.3.0 build 1196 and earlier allows Stored Cross-Site Scripting XSS in UploadFile...
CVE-2021-35198
NETSCOUT nGeniusONE 6.3.0 build 1004 and earlier is affected by a Stored Cross-Site Scripting (XSS) vulnerability in the Packet Analysis module. The root cause is improper input validation/filtering, enabling an attacker to inject JavaScript and perform stored XSS. Public references (NVD, CVE lis...
CVE-2021-35198
NETSCOUT nGeniusONE 6.3.0 build 1004 and earlier allows Stored Cross-Site Scripting XSS in the Packet Analysis module...
CVE-2021-35205
NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 allows URL redirection in redirector...
CVE-2021-35205
NETSCOUT nGeniusONE is vulnerable in version 6.3.0 build 1196 to a URL redirection issue in the redirector. The CVE-2021-35205 entry notes the root cause as the system’s failure to reasonably handle target jumps, enabling potential user redirection to malicious websites. Other connected reports (...
CVE-2021-35200
Summary (CVE-2021-35200): Netscout nGeniusONE 6.3.0 build 1196 is affected by a Stored Cross‑Site Scripting (XSS) vulnerability in the FDSQueryService. The root cause is lack of validation/filtering of user input data within that service, enabling high-privileged users to inject JavaScript. The r...
CVE-2021-35200
NETSCOUT nGeniusONE 6.3.0 build 1196 allows high-privileged users to achieve Stored Cross-Site Scripting XSS in FDSQueryService...
CVE-2021-35201
Netscout nGeniusONE 6.3.0 build 1196 is affected by an XML External Entity (XXE) vulnerability due to insufficient filtering of external entities in XML processing. A remote attacker can exploit this by sending a specially crafted XML payload. No patch/fix details are provided in the supplied doc...
CVE-2021-35201
NEI in NETSCOUT nGeniusONE 6.3.0 build 1196 allows XML External Entity XXE attacks...
CVE-2021-35202
NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Authorization Bypass to access an endpoint in FDSQueryService...
CVE-2021-35202
CVE-2021-35202 affects NETSCOUT Systems nGeniusONE 6.3.0 build 1196. The issue is an Authorization Bypass in FDSQueryService, enabling access to the endpoint by an unauthenticated or inappropriate actor. Documented impact from multiple sources indicates unauthorized access could be gained via thi...
CVE-2021-35203
NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Arbitrary File Read operations via the FDSQueryService endpoint...
CVE-2021-35203
Netscout nGeniusONE 6.3.0 build 1196 is affected by CVE-2021-35203, a vulnerability that allows Arbitrary File Read through the FDSQueryService endpoint due to incorrect user access control. Exploitation details are not provided in the connected documents; no in‑the‑wild exploit information is ci...
CVE-2021-35204
Netscout nGeniusONE 6.3.0 build 1196 is affected by a Reflected Cross-Site Scripting (XSS) vulnerability in the Support endpoint. The root cause is insufficient validation/filtering of user input at the Support endpoint, allowing an attacker to execute JavaScript code in a victim’s browser. The C...