12 matches found
CVE-2017-18177
Progress Sitefinity 9.1 has XSS via the Last name, First name, and About fields on the New User Creation Page. This is fixed in 10.1...
Weak Password Requirements
Overview Affected versions of this package are vulnerable to Weak Password Requirements via manipulation of the Senha/Confirmação da senha argument in the User Creation Page. An attacker can bypass strong password requirements by submitting weak passwords during user account creation. Remediation...
NovoSGA: Manipulation of User Creation Page can lead to weak password requirements
A flaw has been found in Mangati NovoSGA up to 2.2.12. The impacted element is an unknown function of the file /novosga.users/new of the component User Creation Page. Executing manipulation of the argument Senha/Confirmação da senha can lead to weak password requirements. The attack can be launch...
CVE-2025-11322
A flaw has been found in Mangati NovoSGA up to 2.2.12. The impacted element is an unknown function of the file /novosga.users/new of the component User Creation Page. Executing manipulation of the argument Senha/Confirmação da senha can lead to weak password requirements. The attack can be launch...
CVE-2025-11322 Mangati NovoSGA User Creation new weak password
A flaw has been found in Mangati NovoSGA up to 2.2.12. The impacted element is an unknown function of the file /novosga.users/new of the component User Creation Page. Executing manipulation of the argument Senha/Confirmação da senha can lead to weak password requirements. The attack can be launch...
EUVD-2025-32490
A flaw has been found in Mangati NovoSGA up to 2.2.12. The impacted element is an unknown function of the file /novosga.users/new of the component User Creation Page. Executing manipulation of the argument Senha/Confirmação da senha can lead to weak password requirements. The attack can be launch...
CVE-2025-11322 Mangati NovoSGA User Creation new weak password
A flaw has been found in Mangati NovoSGA up to 2.2.12. The impacted element is an unknown function of the file /novosga.users/new of the component User Creation Page. Executing manipulation of the argument Senha/Confirmação da senha can lead to weak password requirements. The attack can be launch...
PT-2025-40851
Name of the Vulnerable Software and Affected Versions Mangati NovoSGA versions up to 2.2.12 Description A weakness exists in Mangati NovoSGA up to version 2.2.12 related to weak password requirements during user creation. The issue is located in the User Creation Page component, specifically with...
CVE-2023-24065
NOSH 4a5cfdb allows stored XSS via the create user page. For example, a first name of a physician, assistant, or billing user can have a JavaScript payload that is executed upon visiting the /users/2/1 page. This may allow attackers to steal Protected Health Information because the product is for...
CVE-2023-24065
NOSH 4a5cfdb allows stored XSS via the create user page. For example, a first name of a physician, assistant, or billing user can have a JavaScript payload that is executed upon visiting the /users/2/1 page. This may allow attackers to steal Protected Health Information because the product is for...
CVE-2017-18177
Progress Sitefinity 9.1 has XSS via the Last name, First name, and About fields on the New User Creation Page. This is fixed in 10.1...
CVE-2017-18177
Progress Sitefinity 9.1 is affected by a cross-site scripting (XSS) vulnerability exposed via the Last name, First name, and About fields on the New User Creation Page. The issue arises in the 9.1 release and is fixed in version 10.1. The available connected sources consistently describe this vul...