Newphoria applican framework cross-site scripting vulnerability

Newphoria applican framework for Android and iOS is a set of application development framework based on Android and iOS platforms from Newphoria, Japan. A cross-site scripting vulnerability exists in the runtime engine of Newphoria applican framework 1.12.6 and earlier for Android and Newphoria...

Newphoria applican framework cross-site scripting vulnerability (CNVD-2015-07764)

Newphoria applican framework for Android and iOS is a set of application development framework based on Android and iOS platforms from Newphoria, Japan. A cross-site scripting vulnerability exists in the runtime engine of Newphoria applican framework 1.12.6 and earlier versions for Android and...

JosephErnest Void Cross-Site Scripting Vulnerability

JosephErnest Void is a content management system CMS. A cross-site scripting vulnerability exists in the index.php script in versions of JosephErnest Void prior to 2015-10-02. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML with the help of a specially...

CVE-2015-7997

Multiple cross-site scripting XSS vulnerabilities in the Nitro API in Citrix NetScaler Application Delivery Controller ADC and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM SVM devices allow...

Multiple Cross-Site Scripting Vulnerabilities in HP ArcSight Management Center

HP ArcSight Management Center is a security management center from Hewlett-Packard HP in the U.S. HP ArcSight Logger is a log management software tool. Multiple cross-site scripting vulnerabilities exist in HP ArcSight Management Center versions prior to 2.1, and ArcSight Logger versions prior to...

Microsoft .NET Framework Cross-Site Scripting Vulnerability

Microsoft .NET Framework is a popular software development toolkit. A cross-site scripting vulnerability exists in Microsoft .NET Framework versions 4, 4.5, 4.5.1, 4.5.2,4.6, which allows remote attackers to insert arbitrary web scripts or HTML pages via a carefully constructed value...

Microsoft Skype for Business Cross-Site Scripting Vulnerability

Microsoft Skype for Business is an enterprise-class communication tool from Microsoft Corporation that enhances support for intra-enterprise communications as well as content sharing and collaboration. Cross-site scripting vulnerability in Microsoft Skype for Business 2016, Lync 2010 and 2013 SP1...

CVE-2015-5734

Cross-site scripting XSS vulnerability in the legacy theme preview implementation in wp-includes/theme.php in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via a crafted string...

Mozilla Firefox Cross-Site Scripting Vulnerability (CNVD-2015-07411)

Mozilla Firefox is an open source web browser. A cross-site scripting vulnerability exists in Mozilla Firefox for Android-based platforms that fails to properly restrict URL strings in Android intents, allowing remote attackers to exploit the vulnerability to inject malicious script or HTML code...

Cisco Social Miner Cross-Site Scripting Vulnerability

Cisco Social Miner is the United States Cisco Cisco a set of customer service systems, providing user information collection, filtering, process processing, statistical reporting and other functions. A cross-site scripting vulnerability exists in Cisco Social Miner 10.0. It allows remote attacker...

Multiple Cross-Site Scripting Vulnerabilities in Fortinet FortiManager (CNVD-2015-07355)

Fortinet FortiManager is a centralized network security management platform from Fortinet. The platform supports centralized management of any number of Fortinet devices and can group devices into different management domains ADOM to further simplify multi-device security deployment and managemen...

Multiple cross-site scripting vulnerabilities in Fortinet FortiManager (CNVD-2015-07354)

Fortinet FortiManager is a centralized network security management platform from Fortinet. The platform supports centralized management of any number of Fortinet devices and can group devices into different management domains ADOM to further simplify multi-device security deployment and managemen...

Cisco FireSight Management Center Cross-Site Scripting Vulnerability

Cisco FireSIGHT Management Center MC is the United States Cisco Cisco company's set of centralized on the Cisco ASA with FirePOWER Services and Cisco FirePOWER network security equipment management management center software. A cross-site scripting vulnerability exists in Cisco FireSight MC...

Cisco ACS Solution Engine Cross-Site Scripting Vulnerability

Cisco Secure Access Control Server ACS is a security access control server from Cisco, Inc.Solution Engine is one of the server engine solutions. Cisco Secure Access Control Server ACS version 5.70.15, an XSS vulnerability exists in the web interface of Solution Engine. A remote attacker could...

CVE-2015-5667

Cross-site scripting XSS vulnerability in the HTML-Scrubber module before 0.15 for Perl, when the comment feature is enabled, allows remote attackers to inject arbitrary web script or HTML via a crafted comment...

Janitza UMG has multiple cross-site scripting vulnerabilities

The Janitza UMG is an online power quality monitor for the energy industry from Janitza Germany. The Janitza UMG 508, 509, 511, 604, 605, suffers from multiple cross-site scripting vulnerabilities. This allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Infinite Automation Mango Automation Cross-Site Scripting Vulnerability

Infinite Automation Mango Automation is the United States Infinite Automation Systems, Inc. of a set of open source Web-based SCADA data acquisition and supervisory control, HMI and automation software. A cross-site scripting vulnerability exists in Infinite Automation Mango Automation 2.5.x and...

Multiple Cross-Site Scripting Vulnerabilities in Nordex NC2

Nordex Control 2 is a web-based SCADA system for wind power stations. Multiple cross-site scripting vulnerabilities exist in the Nordex Control 2 NC2 SCADA 16 and earlier versions, Wind Farm Portal application. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTM...

CVE-2015-6477

Multiple cross-site scripting XSS vulnerabilities in the Wind Farm Portal application in Nordex Control 2 NC2 SCADA 16 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-1812...