Solarwinds Orion Platform Cross-Site Scripting Vulnerability (CNVD-2021-69606)

Solarwinds Orion Platform is a network fault and network performance management platform from Solarwinds, Inc. Solarwinds Orion Platform is a cross-site scripting vulnerability that can be exploited by attackers to store XSS via text box hyperlinks...

CVE-2021-35239

A security researcher found a user with Orion map manage rights could store XSS through via text box hyperlink...

CVE-2021-35239

A security researcher found a user with Orion map manage rights could store XSS through via text box hyperlink...

CVE-2021-35239 Stored XSS in Maps text box hyperlink Vulnerability

A security researcher found a user with Orion map manage rights could store XSS through via text box hyperlink...

CVE-2020-20699

A cross site scripting XSS vulnerability in S-CMS PHP v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Copyright text box under Basic Settings...

S-CMS Cross-Site Scripting Vulnerability (CNVD-2021-58258)

S-CMS 3.0 has a cross-site scripting vulnerability, which can be exploited by attackers via the "Copyright" text box under "Basic Settings" to execute arbitrary Web scripts or HTML. The vulnerability can be exploited to execute arbitrary Web scripts or HTML via the "Copyright" text box under "Bas...

CVE-2020-19202

An authenticated Stored XSS Cross-site Scripting exists in the "captive.cgi" Captive Portal via the "Title of Login Page" text box or "TITLE" parameter in IPFire 2.21 x8664 - Core Update 130. It allows an authenticated WebGUI user with privileges to execute Stored Cross-site Scripting in the...

FTAPI 跨站脚本漏洞

A cross-site scripting vulnerability exists in FTAPI 4.0 - 4.10, which allows the passage of a crafted filename to an alternate text hover box in the file submission component...

Update for RichTextBox controls and ALT codes in Windows 8.1

Update for RichTextBox controls and ALT codes in Windows 8.1 Summary This update fixes the following issues: You have a RichTextBox control in a Windows-based application in Windows 8.1. When you try to check the spelling within the control, the application crashes in the Msftedit.dll file. When...

Single string is drawn by multiple fonts in the TextBox control of Windows Store application in Windows

Single string is drawn by multiple fonts in the TextBox control of Windows Store application in Windows This article describes an issue that occurs when the MS Mincho font is assigned for the TextBox control in Windows RT 8.1, Windows 8.1, or Windows Server 2012 R2. You can resolve this issue by...

jenkins: Stored XSS vulnerability in expandable textbox form control

In Jenkins 2.196 and earlier, LTS 2.176.3 and earlier, the f:expandableTextBox form control interpreted its content as HTML when expanded, resulting in a stored XSS vulnerability exploitable by users with permission to define its contents typically Job/Configure...

PT-2019-11795 · Cloudbees +1 · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.196 and earlier, LTS versions 2.176.3 and earlier Description: The issue concerns a stored XSS vulnerability. It occurs because the f:expandableTextBox form control interprets its content as HTML when expanded. This can be...

CVE-2019-15233

The Live:Text Box macro in the Old Street Live Input Macros app before 2.11 for Confluence has XSS, leading to theft of the Administrator Session Cookie...

CVE-2019-14731

An issue was discovered in ZenTao 11.5.1. There is an XSS stored vulnerability that leads to the capture of other people's cookies via the Rich Text Box...

CVE-2019-14731

An issue was discovered in ZenTao 11.5.1. There is an XSS stored vulnerability that leads to the capture of other people's cookies via the Rich Text Box...

Cross site scripting

An issue was discovered in ZenTao 11.5.1. There is an XSS stored vulnerability that leads to the capture of other people's cookies via the Rich Text Box...

CVE-2019-14731

An issue was discovered in ZenTao 11.5.1. There is an XSS stored vulnerability that leads to the capture of other people's cookies via the Rich Text Box...

CVE-2019-14731

CVE-2019-14731 affects ZenTao 11.5.1 with a stored XSS in the Rich Text Box that can lead to capture of other users’ cookies. Connected sources describe the issue as XSS (stored) in ZenTao 11.5.1 and note lack of input validation in the related web UI/WEB application as a contributing factor (e.g...

CVE-2018-19444

A use after free in the TextBox field Validate action in IReaderContentProvider can occur for specially crafted PDF files in Foxit Reader SDK ActiveX Professional 5.4.0.1031. An attacker can leverage this to gain remote code execution. Relative to CVE-2018-19452, this has a different free locatio...

CVE-2018-19452

A use after free in the TextBox field Mouse Enter action in IReaderContentProvider can occur for specially crafted PDF files in Foxit Reader SDK ActiveX Professional 5.4.0.1031. An attacker can leverage this to gain remote code execution. Relative to CVE-2018-19444, this has a different free...