2302 matches found
IBM Connections Cross-Site Scripting Vulnerability (CNVD-2016-06647)
IBM Connections is a suite of social software platforms from IBM in the United States. The platform provides advanced analytics and real-time data monitoring capabilities, and accelerates web collaboration within and outside the organization through IBM SmartCloud services. A cross-site scripting...
IBM Connections Cross-Site Scripting Vulnerability (CNVD-2016-06646)
IBM Connections is a suite of social software platforms from IBM in the United States. The platform provides advanced analytics and real-time data monitoring capabilities, and accelerates web collaboration within and outside the organization through IBM SmartCloud services. A cross-site scripting...
CloudForms: Lack of field filters on user input
It was found that the CloudForms web UI did not properly filter input in certain fields. A remote, authenticated attacker could use this flaw to execute arbitrary code on the system running CloudForms...
Bluetooth Smart MITM Framework: BtleJuice
Bluetooth Smart MITM Framework BtleJuice is a complete framework to perform Man-in-the-Middle attacks on Bluetooth Smart devices also known as Bluetooth Low Energy. It is composed of: an interception core an interception proxy a dedicated web interface Python and Node.js bindings How to install...
The vulnerability of Google Chrome browser allows a violator to circumvent access restrictions.
The vulnerability of the content/browser/webui/contentwebuicontrollerfactory.cc file of Google Chrome is related to security configuration errors. Exploiting this vulnerability can allow an attacker, operating remotely, to circumvent access restrictions due to errors in processing requests to the...
Fortinet FortiSandbox Cross-Site Scripting Vulnerability (CNVD-2016-03774)
Fortinet FortiSandbox is an APT Advanced Persistent Threat protection appliance from Fortinet. The appliance offers dual sandboxing technology, dynamic threat intelligence system, real-time control panel and reporting. A cross-site scripting vulnerability exists in the Web User Interface WebUI of...
CVE-2015-7360
Multiple cross-site scripting XSS vulnerabilities in the Web User Interface WebUI in Fortinet FortiSandbox before 2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 serial parameter to alerts/summary/profile/; the 2 urlForCreatingReport parameter to csearch/report/export/...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Web User Interface WebUI in Fortinet FortiSandbox before 2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 serial parameter to alerts/summary/profile/; the 2 urlForCreatingReport parameter to csearch/report/export/...
CVE-2015-7360
FortiSandbox WebUI prior to version 2.1 is vulnerable to multiple cross-site scripting (XSS) flaws. The Flaws allow remote attackers to inject arbitrary script or HTML via: (1) the serial parameter in alerts/summary/profile/; (2) the urlForCreatingReport parameter in csearch/report/export/; (3) t...
CVE-2015-7360
Multiple cross-site scripting XSS vulnerabilities in the Web User Interface WebUI in Fortinet FortiSandbox before 2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 serial parameter to alerts/summary/profile/; the 2 urlForCreatingReport parameter to csearch/report/export/...
CVE-2016-3079
Multiple cross-site scripting XSS vulnerabilities in the Web UI in Spacewalk and Red Hat Satellite 5.7 allow remote attackers to inject arbitrary web script or HTML via 1 the PATHINFO to systems/SystemEntitlements.do; 2 the label parameter to admin/multiorg/EntitlementDetails.do; or the name of a...
Fortinet FortiOS Web User Interface Redirection Vulnerability
Fortinet FortiOS is a set of security operating system developed by the U.S. Fiat Fortinet company dedicated to FortiGate network security platform. The system provides users with firewall, antivirus, IPSec/SSL VPN, Web content filtering and anti-spam and other security features. A security...
CVE-2016-3978
The Web User Interface WebUI in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting XSS attacks via the "redirect" parameter to "login."...
Cross site scripting
The Web User Interface WebUI in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting XSS attacks via the "redirect" parameter to "login."...
CVE-2016-3978
FortiOS Web UI (Fortinet) is affected by CVE-2016-3978. Affects FortiOS WebUI in 5.0.x prior to 5.0.13, 5.2.x prior to 5.2.3, and 5.4.x prior to 5.4.0. The flaw allows remote attackers to redirect users to arbitrary sites via the redirect parameter to login, enabling phishing or cross-site script...
Citrix XenMobile Server Cross-Site Scripting Vulnerability
Citrix XenMobile is a Mobile Device and Application Management Solution A cross-site scripting vulnerability exists in the Web User Interface of Citrix XenMobile Server versions 10.0, 10.1 prior to Rolling Patch 4, and 10.3 prior to Rolling Patch 1, which can be exploited by remote attackers to...
CVE-2016-2789
Cross-site scripting XSS vulnerability in the Web User Interface in Citrix XenMobile Server 10.0, 10.1 before Rolling Patch 4, and 10.3 before Rolling Patch 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2016-2789
Cross-site scripting XSS vulnerability in the Web User Interface in Citrix XenMobile Server 10.0, 10.1 before Rolling Patch 4, and 10.3 before Rolling Patch 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the Web User Interface in Citrix XenMobile Server 10.0, 10.1 before Rolling Patch 4, and 10.3 before Rolling Patch 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2016-2789
CVE-2016-2789 is a cross-site scripting (XSS) vulnerability in the Web User Interface of Citrix XenMobile Server 10.x. The issue affects XenMobile Server 10.0, 10.1 (before Rolling Patch 4), and 10.3 (before Rolling Patch 1). An attacker could inject arbitrary web script or HTML via unspecified v...