Security Updates for Microsoft Dynamics 365 (on-premises) (Oct 2021)

The Microsoft Dynamics 365 on-premises installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A spoofing vulnerability CVE-2021-41353 - A cross-site scripting vulnerability CVE-2021-41354 Note that Nessus has not tested for these...

polls.bloknot-voronezh.ru Cross Site Scripting vulnerability OBB-2166075

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Cybozu Remote Service Cross-Site Scripting Vulnerability (CNVD-2021-78759)

Cybozu Remote Service is Cybozu's remote service management software for accessing Cybozu's internal systems. A cross-site scripting vulnerability exists in the Cybozu Remote Service administration interface. A remote authenticated attacker could use this vulnerability to obtain information store...

Adobe Connect 跨站脚本漏洞

Adobe Connect is a suite of software for remote training, web conferencing, presentations and desktop sharing. A reflected cross-site scripting vulnerability exists in Adobe Connect 11.2.2 and earlier versions. An attacker could exploit this vulnerability to execute arbitrary code...

CVE-2021-40457 Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability

...

e-learning.efomp.org Cross Site Scripting vulnerability OBB-2163390

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

nortire.ee Cross Site Scripting vulnerability OBB-2163293

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

lis.bremen.de Cross Site Scripting vulnerability OBB-2163269

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

vanhamel.nl Cross Site Scripting vulnerability OBB-2163244

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

byte.fm Cross Site Scripting vulnerability OBB-2163227

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

signup.orderonthego.com Cross Site Scripting vulnerability OBB-2161413

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

IR615 Router Cross-Site Scripting Vulnerability (CNVD-2021-82946)

The IR615 Router is a 4G industrial router from Rimu Technologies, China. IR615 Router has a cross-site scripting vulnerability that could be exploited to hijack user sessions connected to the system...

dehuitechnology.com Cross Site Scripting vulnerability OBB-2160864

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

CVE-2021-40888

Projectsend version r1295 is affected by Cross Site Scripting XSS due to lack of sanitization when echo output data in returnFilesIds function. A low privilege user can call this function through process.php file and execute scripting code...

joe-ks.com Cross Site Scripting vulnerability OBB-2160215

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

stuben-arlberg.at Cross Site Scripting vulnerability OBB-2159773

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

proinvestor.com Cross Site Scripting vulnerability OBB-2158832

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

shs.touro.edu Cross Site Scripting vulnerability OBB-2158342

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

attenberger.de Cross Site Scripting vulnerability OBB-2158095

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

UBUNTU-CVE-2021-39885

A Stored XSS in merge request creation page in all versions of Gitlab EE starting from 13.7 before 14.1.7, all versions starting from 14.2 before 14.2.5, and all versions starting from 14.3 before 14.3.1 allows an attacker to execute arbitrary JavaScript code on the victim's behalf via malicious...