CVE-2022-20838

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...

CVE-2022-20835

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...

CVE-2022-20834

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...

CVE-2022-20833

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...

AlmaLinux 8 : redis:6 (ALSA-2022:7541)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7541 advisory. redis: Code injection via Lua script execution environment CVE-2022-24735 redis: Malformed Lua script can crash Redis CVE-2022-24736 Tenable has extracted...

PT-2022-26577 · Unknown · Comserver Series

Name of the Vulnerable Software and Affected Versions: ComServer Series affected versions not specified Description: The issue allows an authenticated remote attacker to execute arbitrary web scripts or HTML via a crafted payload injected into the title of the configuration webpage. This is a...

Subrion CMS is vulnerable to Cross-Site Scripting (XSS)

A cross-site scripting XSS vulnerability in the /panel/fields/add component of Intelliants Subrion CMS version 4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Field default value text field...

CVE-2022-43119

A cross-site scripting XSS vulnerability in Clansphere CMS v2011.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Username parameter...

Cross site scripting

A cross-site scripting XSS vulnerability in flatCore-CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Username text field...

PT-2022-5691 · Cisco · Cisco Firepower Management Center

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center FMC Software affected versions not specified Description: The issue is related to insufficient validation of user-supplied input by the web-based management interface, allowing an authenticated, remote attack...

PT-2022-26763 · Intelliants · Intelliants Subrion Cms

Name of the Vulnerable Software and Affected Versions: Intelliants Subrion CMS version 4.2.1 Description: A cross-site scripting XSS issue in the CMS Field Add page allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field. This enables...

PT-2022-5696 · Cisco · Cisco Firepower Management Center

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center FMC Software affected versions not specified Description: The issue is related to insufficient validation of user-supplied input by the web-based management interface, allowing an authenticated, remote attack...

Joomla! CMS Cross-Site Scripting (CVE-2018-6377)

A cross-site scripting vulnerability exists in Joomla! Core. Successful exploitation results in the execution of arbitrary script code in the target user's browser...

PT-2022-5690 · Cisco · Cisco Firepower Management Center

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center FMC Software affected versions not specified Description: The issue is related to insufficient validation of user-supplied input by the web-based management interface, allowing an authenticated, remote attack...

CVE-2022-43118

A cross-site scripting XSS vulnerability in flatCore-CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Username text field...

CVE-2022-43121

A cross-site scripting XSS vulnerability in the CMS Field Add page of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field...

CVE-2022-43119

A cross-site scripting XSS vulnerability in Clansphere CMS v2011.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Username parameter...

CVE-2022-41205

SAP GUI allows an authenticated attacker to execute scripts in the local network. On successful exploitation, the attacker can gain access to registries which can cause a limited impact on confidentiality and high impact on availability of the application...

CVE-2022-41136

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS in Vladimir Anokhin's Shortcodes Ultimate plugin = 5.12.0 on WordPress...

redis: Code injection via Lua script execution environment

A flaw was found in the Redis database where Lua scripts can be manipulated to overcome ACL rules. This flaw allows an attacker with access to Redis to inject Lua code that executes the potentially higher privileges of another Redis user...