Microsoft Dynamics 365 Cross-Site Scripting Vulnerability (CNVD-2019-35573)

Microsoft Dynamics 365 is a suite of ERP business solutions for multinational organizations from Microsoft USA. The product includes financial management, production management and business intelligence management. A cross-site scripting vulnerability in Microsoft Dynamics 365 on-premises version...

Cisco IOS and IOS XE Cross-Site Scripting Vulnerability

Cisco IOS and IOS XE are a set of operating systems developed by Cisco for its network devices. A cross-site scripting vulnerability exists in the web framework code in Cisco IOS and Cisco IOS XE, which stems from a program that fails to perform sufficient input validation. A remote attacker coul...

CVE-2019-5404

A remote script injection vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media versions: prior to 3.5.0.1...

CVE-2019-5404

A remote script injection vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media versions: prior to 3.5.0.1...

CVE-2019-5404

A remote script injection vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media versions: prior to 3.5.0.1...

CVE-2019-5404

CVE-2019-5404 affects HPE 3PAR StoreServ Management Console and Core Software Media prior to 3.5.0.1. A remote script injection vulnerability could allow an attacker to execute client-side code in the management console. The exact exploitation details, including successful attack scenarios, are n...

The vulnerability of the “page parameter” in Mitel Connect OnSite conference call systems allows a intruder to inject any desired web script or HTML code.

The vulnerability of the page parameter in Mitel Connect OnSite communication systems is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary web scripts or HTML code remotely...

PT-2019-9619 · Gnuboard · Gnuboard5

Name of the Vulnerable Software and Affected Versions: GNUBOARD5 version 5.3.1.9 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the me link parameter, also known as the "Menu Link" parameter, in the adm/menu list update.php endpoint. This can be exploite...

PT-2019-9622 · Gnuboard · Gnuboard5

Name of the Vulnerable Software and Affected Versions: GNUBOARD5 version 5.3.1.9 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the bo mobile content tail parameter, also referred to as the "mobile board tail contents" parameter, in the adm/board form...

PT-2019-9618 · Gnuboard · Gnuboard5

Name of the Vulnerable Software and Affected Versions: GNUBOARD5 version 5.3.1.9 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the bo content head parameter, also known as the "board head contents" parameter, in the adm/board form update.php endpoint...

PT-2019-9616 · Gnuboard · Gnuboard5

Name of the Vulnerable Software and Affected Versions: GNUBOARD5 version 5.3.1.9 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the Extra Contents parameter, also known as the cf 110 parameter in the adm/config form update.php file. This enables attacker...

PT-2019-9621 · Gnuboard · Gnuboard5

Name of the Vulnerable Software and Affected Versions: GNUBOARD5 version 5.3.1.9 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the bo mobile subject parameter, also referred to as the "mobile board title contents" parameter, in the adm/board form...

PT-2019-9617 · Gnuboard · Gnuboard5

Name of the Vulnerable Software and Affected Versions: GNUBOARD5 version 5.3.1.9 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the bo mobile content head parameter, also known as the "mobile board head contents" parameter, in the adm/board form update.p...

CVE-2019-5962

Cross-site scripting vulnerability in Zoho SalesIQ 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2019-11825

Cross-site scripting XSS vulnerability in Event Editor in Synology Calendar before 2.3.0-0615 allows remote attackers to inject arbitrary web script or HTML via the title parameter...

IBM Rational Quality Manager Cross-Site Scripting Vulnerability (CNVD-2019-20849)

IBM Rational Collaborative Lifecycle Management CLM is a suite of collaborative lifecycle management solutions from IBM in the United States. The solution combines three products, RTC, RQM, and RRC, in a single IBM SmartCloud Enterprise cloud environment image to provide requirements management,...

bootstrap: XSS in the affix configuration target property

A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hostin...

Kanboard Cross-Site Scripting Vulnerability

Kanboard is a suite of open source visual task board software. The software is able to customize the panels according to the business. A cross-site scripting vulnerability exists in the app / Core / Paginator.php file in versions prior to Kanboard 1.2.8. A remote attacker can exploit this...

CVE-2019-5928

Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to inject arbitrary web script or HTML via Customize Item function...

CVE-2017-12788

Multiple cross-site scripting XSS vulnerabilities in admin/index.php in Metinfo 5.3.18 allows remote attackers to inject arbitrary web script or HTML via the 1 class1 parameter or the 2 anyid parameter...