227 matches found
Cross site scripting
NeDi 1.9C is vulnerable to cross-site scripting XSS attack. The application allows an attacker to execute arbitrary JavaScript code via the Monitoring-Map.php hde parameter...
Cross site scripting
NeDi 1.9C is vulnerable to cross-site scripting XSS attack. The application allows an attacker to execute arbitrary JavaScript code via the Monitoring-Incidents.php id parameter...
CVE-2020-15035
NeDi 1.9C is vulnerable to cross-site scripting XSS attack. The application allows an attacker to execute arbitrary JavaScript code via the Monitoring-Map.php hde parameter...
Cross site scripting
NeDi 1.9C is vulnerable to cross-site scripting XSS attack. The application allows an attacker to execute arbitrary JavaScript code via the Assets-Management.php sn parameter...
Cross site scripting
NeDi 1.9C is vulnerable to cross-site scripting XSS attack. The application allows an attacker to execute arbitrary JavaScript code via the Assets-Management.php chg parameter...
Cross site scripting
NeDi 1.9C is vulnerable to cross-site scripting XSS attack. The application allows an attacker to execute arbitrary JavaScript code via the Monitoring-Setup.php tet parameter...
CVE-2020-15028
NeDi 1.9C is vulnerable to a cross-site scripting (XSS) flaw. The issue allows an attacker to execute arbitrary JavaScript via the Topology-Map.php page parameter xo. This appears consistently across multiple feeds (NVD, CNVD, PRION, OpenVAS) and is described as a web-application XSS without evid...
CVE-2020-15028
NeDi 1.9C is vulnerable to a cross-site scripting XSS attack. The application allows an attacker to execute arbitrary JavaScript code via the Topology-Map.php xo parameter...
CVE-2020-15029
NeDi 1.9C is vulnerable to cross-site scripting XSS attack. The application allows an attacker to execute arbitrary JavaScript code via the Assets-Management.php sn parameter...
CVE-2020-15029
CVE-2020-15029 affects NeDi 1.9C, vulnerable to cross-site scripting (XSS) via the Assets-Management.php sn parameter. The issue is a client-side script injection risk in the web UI that could allow arbitrary JavaScript execution in authenticated or guest contexts depending on access, as describe...
CVE-2020-15030
NeDi 1.9C is vulnerable to cross-site scripting XSS attack. The application allows an attacker to execute arbitrary JavaScript code via the Topology-Routes.php rtr parameter...
CVE-2020-15030
NeDi 1.9C contains a cross-site scripting (XSS) vulnerability that allows an attacker to execute arbitrary JavaScript code via the Topology-Routes.php rtr parameter. The issue is tied to CVE-2020-15030 and is corroborated by multiple feeds indicating the same vector. The provided connected docume...
CVE-2020-15031
NeDi 1.9C is vulnerable to cross-site scripting XSS attack. The application allows an attacker to execute arbitrary JavaScript code via the Assets-Management.php chg parameter...
CVE-2020-15031
CVE-2020-15031 concerns NeDi 1.9C, where a cross-site scripting (XSS) vulnerability exists in the Assets-Management.php chg parameter, allowing an attacker to execute arbitrary JavaScript code. The vulnerability is documented across multiple sources (NVD entry and Red Hat advisory), specifying th...
CVE-2020-15032
NeDi 1.9C is vulnerable to cross-site scripting XSS attack. The application allows an attacker to execute arbitrary JavaScript code via the Monitoring-Incidents.php id parameter...
CVE-2020-15032
CVE-2020-15032 affects NeDi 1.9C with a cross-site scripting (XSS) vulnerability: an attacker can execute arbitrary JavaScript via the Monitoring-Incidents.php id parameter. The connected documents corroborate the XSS issue across multiple feeds, but do not provide a patch or effective remediatio...
CVE-2020-15033
NeDi 1.9C is vulnerable to cross-site scripting XSS attack. The application allows an attacker to execute arbitrary JavaScript code via the snmpget.php ip parameter...
CVE-2020-15033
NeDi 1.9C is vulnerable to cross-site scripting (XSS) via the snmpget.php ip parameter. Multiple connected sources (Red Hat advisory, CNVD, CNVD CNVD-2020-44580, NVD entry, OpenVAS entry, PRION, CVE record) confirm the same detail. The exact root cause is not elaborated beyond the parameter-based...
CVE-2020-15034
NeDi 1.9C is vulnerable to cross-site scripting XSS attack. The application allows an attacker to execute arbitrary JavaScript code via the Monitoring-Setup.php tet parameter...
CVE-2020-15034
CVE-2020-15034 : NeDi 1.9C is vulnerable to cross-site scripting (XSS) via the Monitoring-Setup.php tet parameter, allowing an attacker to execute arbitrary JavaScript in a victim’s browser. The provided documents state the vulnerability but do not include remediation details or confirmed exploit...