33 matches found
Ignite Realtime Openfire Cross-Site Scripting Vulnerability (CNVD-2020-01245)
Ignite Realtime Openfire is the Ignite Realtime community of a Java development and based on XMPP formerly known as Jabber, Instant Messaging Protocol cross-platform open source real-time collaboration RTC server , it can build a highly efficient instant messaging server , and supports tens of...
DAViCal Cross-Site Request Forgery Vulnerability
DAViCal is a calendar sharing server that is an implementation of the CalDAV protocol. A cross-site request forgery vulnerability exists in DAViCal 1.1.8 and earlier versions. The vulnerability stems from a WEB application that does not adequately validate that a request is coming from a trusted...
OpenWrt Cross-Site Scripting Vulnerability
OpenWrt is a Linux operating system for embedded devices. A cross-site scripting vulnerability exists in OpenWrt version 18.06.4, which stems from the lack of proper validation of client-side data by a WEB application. An attacker can exploit this vulnerability to execute client-side code...
JetBrains Upsource Cross-Site Scripting Vulnerability
JetBrains Upsource is a set of code review tools from the Czech company JetBrains. A cross-site scripting vulnerability exists in versions prior to JetBrains Upsource 2019.1.1412. The vulnerability stems from the lack of proper validation of client data by the WEB application. An attacker can...
AVG AntiVirus Cross-Site Scripting Vulnerability (CNVD-2020-10164)
Avast Antivirus is a suite of antivirus software from the Czech company Avast. A cross-site scripting vulnerability exists in Network Notification Popup in Avast AntiVirus Free, Internet Security and Premiere Edition version 19.3.2369 build 19.3.4241.440. The vulnerability stems from a lack of...
Mitsubishi Electric smartRTU and Inea ME-RTU Cross-Site Scripting Vulnerability
Mitsubishi Electric smartRTU is an intelligent Remote Terminal Unit RTU from Mitsubishi Electric, Japan.Inea ME-RTU is an intelligent communication gateway product from Inea, Slovenia. A cross-site scripting vulnerability exists in Mitsubishi Electric smartRTU version 2.02 and earlier and INEA...
Veeam ONE Reporter Cross-Site Scripting Vulnerability
Veeam ONE Reporter is part of the Veeam ONE integrated solution from Veeam Switzerland. The product is used for analytics, decision making, refunds, change tracking, capacity planning and resource utilization optimization. A cross-site scripting vulnerability exists in Veeam ONE Reporter version...
Micro Focus ArcSight Security Management Center Cross-Site Scripting Vulnerability
Micro Focus ArcSight Security Management Center ArcMC is a suite of centralized security management centers from Micro Focus UK. The product focuses on managing ArcSight solutions through a single interface, including automated change management, log traffic management and other features. A...
Cisco Identity Services Engine Cross-Site Scripting Vulnerability (CNVD-2019-23288)
Cisco Identity Services Engine ISE is an identity-based environment awareness platform ISE Identity Services Engine from Cisco. The platform collects real-time information from the network, users and devices, and develops and enforces policies to regulate the network. A cross-site scripting...
Synology Note Station Cross-Site Scripting Vulnerability (CNVD-2019-20979)
Synology Note Station is a cloud-based note management application from Synology Inc. of Taiwan, China. A cross-site scripting vulnerability exists in SYNO.NoteStation.Shard in Synology Note Station versions prior to 2.5.3-0863. The vulnerability stems from the WEB application lacking proper...
Westermo DR-260 Router, Westermo DR-250 Router and Westermo MR-260 Router Cross-Site Scripting Vulnerabilities
Westermo DR-260 and others are products of the Swedish company Westermo.Westermo DR-260 is a DSL router.Westermo DR-250 is a DSL router.Westermo MR-260 is a 3G multimedia router.Westermo MR-260 is a 3G multimedia router.Westermo MR-260 is a 3G multimedia router.Westermo MR-260 is a 3G multimedia...
Cisco Small Business RV320 and Cisco Small Business RV325 Cross-Site Scripting Vulnerabilities
The Cisco Small Business RV320 and the Cisco Small Business RV325 are both a VPN router from Cisco. The Cisco Small Business RV320 and Cisco Small Business RV325 are vulnerable to a cross-site scripting vulnerability that stems from a lack of proper validation of client data by a web application...
PrinterOn Enterprise Cross-Site Scripting Vulnerability
PrinterOn Enterprise is a secure cloud printing solution from PrinterOn Canada. The solution supports printing from laptops, desktops and mobile devices connected to printers. A cross-site scripting vulnerability exists in PrinterOn Enterprise version 4.1.4, which stems from a lack of proper...