Orchard Core 跨站脚本漏洞

Net Core, an open source modular and multi-tenant application framework built using Asp.Net Core, and a content management system Cms built on top of the framework.A cross-site scripting vulnerability exists in Orchard Core, which stems from the lack of proper validation of client-side data in th...

FUEL CMS 跨站脚本漏洞

FUEL CMS is a content management system CMS based on the Codelgniter framework. version 1.5.1 of FUEL CMS suffers from a cross-site scripting vulnerability, which stems from the lack of proper validation of client-side data by the WEB application. An attacker could exploit the vulnerability to...

Bosch Rexroth IndraMotion Mlc 跨站脚本漏洞

The Bosch Rexroth IndraMotion Mlc is a new device that combines motion and logic control, as well as robot control.A cross-site scripting vulnerability exists in the Bosch Rexroth IndraMotion Mlc, which stems from the lack of proper validation of client-side data by the WEB application. An attack...

Secomea SiteManager Cross-Site Scripting Vulnerability

A cross-site scripting vulnerability exists in Secomea SiteManager that stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...

F5 BIG-IP AFM 跨站脚本漏洞

F5 BIG-IP AFM is an advanced firewall product from F5 USA for protection against DDos attacks. A cross-site scripting vulnerability exists in BIG-IP AFM, which originates from the lack of proper validation of client data by a WEB application. An attacker can exploit this vulnerability to execute...

Tufin SecureTrack R20-2 GA Cross-Site Scripting Vulnerability

A cross-site scripting vulnerability exists in the Tufin SecureTrack R20-2 GA that stems from a lack of proper validation of client-side data by a WEB application. An attacker can exploit this vulnerability to execute client-side code...

QNAP Systems TS-870 Cross-Site Scripting Vulnerability

QNAP Systems TS-870 is a NAS Network Attached Storage appliance from China Weilian QNAP Systems. A cross-site scripting vulnerability exists in PhotoStation Filenames in the QNAP Systems TS-870 using firmware version 4.3.4.0486. The vulnerability stems from a lack of proper validation of client...

Teradici PCoIP Management Console Cross-Site Scripting Vulnerability

Teradici PCoIP Management Console is a console program for managing PCoIP clients from Teradici Canada. A cross-site scripting vulnerability exists in Teradici PCoIP Management Console versions prior to 20.07. The vulnerability stems from a lack of proper validation of client data by the web...

CloudBees Jenkins and LTS Cross-Site Scripting Vulnerability (CNVD-2020-46328)

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . LTS is a long-term support for...

phpList cross-site scripting vulnerability (CNVD-2020-41811)

phpList is an open source newsletter and email marketing software from phpList UK. A cross-site scripting vulnerability exists in phpList 3.5.4 and earlier versions. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this...

NETGEAR R6700 and R6900 Cross-Site Scripting Vulnerability

The NETGEAR R6700 and NETGEAR R6900 are both a wireless router from NETGEAR. A cross-site scripting vulnerability exists in the NETGEAR R6700 prior to version 1.0.1.36 and the R6900 prior to version 1.0.1.34, which stems from a lack of proper validation of client data by a web application and can...

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-31238)

NETGEAR D6200 and others are products of NETGEAR Corporation.NETGEAR D6200 is a wireless modem.NETGEAR WNR2020 is a wireless router.NETGEAR R6220 is a wireless router.NETGEAR WNR2020 is a wireless router.NETGEAR WNR2020 is a wireless router.NETGEAR WNR2020 is a wireless router.NETGEAR WNR2020 is ...

NETGEAR RBR50, RBS50, and RBK50 Cross-Site Scripting Vulnerabilities (CNVD-2020-26947)

The NETGEAR RBK50, among others, is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in the NETGEAR RBR50 prior to version 2.3.5.30, RBS50 prior to version 2.3.5.30, and RBK50 prior to version 2.3.5.30. The vulnerability stems from a lack of proper validation of...

eten Technologies PSG-6528VM Cross-Site Scripting Vulnerability

The eten Technologies PSG-6528VM is a Gigabit PoE switch from eten Technologies of Taiwan, China. A cross-site scripting vulnerability exists in the eten Technologies PSG-6528VM version 1.1. The vulnerability stems from the lack of proper validation of client data by the WEB application. An...

Swisscom Centro Grande Cross-Site Scripting Vulnerability

The Swisscom Centro Grande is a router from Swisscom, Switzerland. A cross-site scripting vulnerability exists in Swisscom Centro Grande versions prior to 6.16.12, which stems from the lack of proper validation of client-side data by the WEB application. An attacker could exploit the vulnerabilit...

SAP NetWeaver and S/4HANA Cross-Site Scripting Vulnerability

SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A cross-site scripting vulnerability exists in SAP NetWeaver and S/4HANA. The vulnerability stems from a lack of...

Gchq stroom cross-site scripting vulnerability

Stroom is a scalable data storage, processing and analytics platform. A cross-site scripting vulnerability exists in Gchq stroom. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side...

Zimbra Collaboration Cross-Site Scripting Vulnerability (CNVD-2020-05089)

Zimbra Collaboration is a suite of email and collaboration solutions from Zimbra USA. The solution offers email, contacts, calendaring, file sharing, social networking, and more. A cross-site scripting vulnerability exists in Zimbra Collaboration. The vulnerability stems from the WEB application...

UHP UHP-100 cross-site scripting vulnerability (CNVD-2020-07243)

The UHP-100 is a high-performance router designed for large-scale deployment in broadband VSAT networks. A cross-site scripting vulnerability exists in UHP-100 3.4.1.15, 3.4.2.4, and 3.4.3. The vulnerability stems from a lack of proper validation of client data by the WEB application. An attacker...

Ignite Realtime Openfire Cross-Site Scripting Vulnerability (CNVD-2020-01242)

Ignite Realtime Openfire is the Ignite Realtime community of a Java development and based on XMPP formerly known as Jabber, Instant Messaging Protocol cross-platform open source real-time collaboration RTC server , it can build a highly efficient instant messaging server , and supports tens of...