6727 matches found
CVE-2020-22719
Shimo Document v2.0.1 contains a cross-site scripting XSS vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the table content text field...
CVE-2021-24834
The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cross-Site Scripting vulnerability which exists in the Create Poll - Options module where a user with a role as low as author is allowed to execute arbitrary script code within the context of the application. This vulnerability is...
PT-2021-6670 · Unknown +1 · Ckeditor 4 +1
Name of the Vulnerable Software and Affected Versions: CKEditor 4 versions prior to 4.17.0 Description: A vulnerability has been discovered in the core HTML processing module of CKEditor 4, which may affect all plugins used by the editor. This issue allows an attacker to inject malformed comments...
rwtxt vulnerable to cross-site scripting
Overview rwtxt provided by Zack Scholl is a light-weight content management system CMS that enables to share and/or view any text saved online. rwtxt contains a cross-site scripting vulnerability CWE-79. Ito Reo of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/C...
Ruijie Rg-Uac 跨站脚本漏洞
Ruijie Rg-Uac is an Internet behavior management and auditing product from China Ruijie Networks Ruijie. It is used to solve Internet auditing problems. A security vulnerability exists in the Ruijie RG-UAC 6000-E50 commit 9071227, which can be exploited by an attacker to execute arbitrary web...
Mozilla Firefox Security Advisory (MFSA2015-121) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Mozilla: iframe sandbox rules did not apply to XSLT stylesheets
The Mozilla Foundation Security Advisory describes this flaw as: The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame...
Schneider Electric Nmc Embedded Devices 跨站脚本漏洞
The Schneider Electric Nmc Embedded Devices are a type of Nmc Embedded Devices from Schneider Electric France. A cross-site scripting vulnerability exists in Schneider Electric Nmc Embedded Devices and NMC Embedded Devices that can be exploited by an attacker to execute arbitrary script...
Schneider Electric Nmc Embedded Devices 跨站脚本漏洞
The Schneider Electric Nmc Embedded Devices are a type of Nmc Embedded Devices from Schneider Electric France. A cross-site scripting vulnerability exists in Schneider Electric Nmc Embedded Devices and NMC Embedded Devices that can be exploited by an attacker to execute arbitrary script...
Schneider Electric Nmc Embedded Devices 跨站脚本漏洞
The Schneider Electric Nmc Embedded Devices are a type of Nmc Embedded Devices from Schneider Electric France. A cross-site scripting vulnerability exists in Schneider Electric Nmc Embedded Devices and NMC Embedded Devices that can be exploited by an attacker to execute arbitrary script...
Insightly: Stored XSS via LINK Name.
The LINK NAME was not properly escaped at the Templates page, leading to Stored XSS. The name was reflected in the tag, and due to lack of sanitization, the user could break out of the tag and execute the XSS...
Mozilla: iframe sandbox rules did not apply to XSLT stylesheets
The Mozilla Foundation Security Advisory describes this flaw as: The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame...
Mozilla: iframe sandbox rules did not apply to XSLT stylesheets
The Mozilla Foundation Security Advisory describes this flaw as: The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame...
Mozilla: iframe sandbox rules did not apply to XSLT stylesheets
The Mozilla Foundation Security Advisory describes this flaw as: The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame...
Mozilla: iframe sandbox rules did not apply to XSLT stylesheets
The Mozilla Foundation Security Advisory describes this flaw as: The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame...
CVE-2020-18259
ED01-CMS v1.0 was discovered to contain a reflective cross-site scripting XSS vulnerability in the component sposts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Post title or Post content fields...
Cross site scripting
ED01-CMS v1.0 was discovered to contain a reflective cross-site scripting XSS vulnerability in the component sposts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Post title or Post content fields...
Mozilla: iframe sandbox rules did not apply to XSLT stylesheets
The Mozilla Foundation Security Advisory describes this flaw as: The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame...
CVE-2021-38492
CVE-2021-38492 affects Mozilla Firefox on Windows, where delegating navigations to the OS could accept mk: URLs and load Internet Explorer in unprivileged mode. The vulnerability impacts Firefox versions older than 92 (and related Thunderbird/ ESR lines). Remediation is to upgrade to Firefox 92+ ...
UBUNTU-CVE-2021-38503
The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame. This vulnerability affects Firefox 94, Thunderbird 91.3, and Firefox ESR 91.3...