Cisco Firepower Management Center Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a...

Cisco Prime Infrastructure Web Framework Code Cross-Site Scripting Vulnerabilities (cisco-sa-20170621-piwf1)

A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of an affected system. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be...

Cisco Firepower Management Center Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a...

Cisco Prime Infrastructure Web Framework Code Cross-Site Scripting Vulnerability (cisco-sa-20170621-piwf)

A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of an affected system. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be...

Cisco Firepower Management Center Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface. The vulnerability is due to insufficient validation of user-supplied input by the affected...

Cisco Prime Infrastructure Web Framework Code Cross-Site Scripting Vulnerability

A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of some...

Cisco Prime Infrastructure Web Framework Code Cross-Site Scripting Vulnerabilities

A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of some...

Moderate: Red Hat Security Advisory: python-django security update

An update for python-django is now available for Red Hat OpenStack Platform 8.0 Liberty. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: python-django security update

An update for python-django is now available for Red Hat Enterprise Linux OpenStack Platform 6.0 Juno for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

Microsoft ASP.NET Core Spoofing Vulnerability

Microsoft ASP.NET Core is a cross-platform open source framework from Microsoft. The framework is used to build cloud-based applications such as Web One applications, IoT applications, and mobile backends. A spoofing vulnerability exists in Microsoft ASP.NET Core, which stems from the program...

Cisco TelePresence IX5000 Series Directory Traversal Vulnerability

Cisco TelePresence is a Cisco TelePresence solution. A directory traversal vulnerability exists in the web framework of the Cisco TelePresence IX5000 Seriesg that originates from invalid input authentication. An unauthenticated, remote attacker could exploit this vulnerability to access arbitrary...

CVE-2017-6652

A vulnerability in the web framework of the Cisco TelePresence IX5000 Series could allow an unauthenticated, remote attacker to access arbitrary files on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using directory...

CVE-2017-6652

A vulnerability in the web framework of the Cisco TelePresence IX5000 Series could allow an unauthenticated, remote attacker to access arbitrary files on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using directory...

CVE-2017-6652

The CVE-2017-6652 issue affects Cisco TelePresence IX5000 Series devices running software version 8.2.0 and is a directory-traversal vulnerability in the web framework caused by insufficient input validation. An unauthenticated, remote attacker could read arbitrary files from the device filesyste...

Debian DSA-3835-1 : python-django - security update

Several vulnerabilities were discovered in Django, a high-level Python web development framework. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2016-9013 Marti Raudsepp reported that a user with a hard-coded password is created when running tests with ...

Cisco Prime Infrastructure Cross-Site Scripting Vulnerability (CNVD-2017-06698)

Cisco Prime Infrastructure PI is a set of Cisco Prime LAN Management Solution LMS and Cisco Prime Network Control System NCS technologies for wireless management. solution. A cross-site scripting vulnerability exists in the Web framework code in Cisco PI that stems from the program failing to...

[SECURITY] Fedora 25 Update: python-django-1.9.13-1.fc25

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...

[SECURITY] Fedora 26 Update: python-django-1.10.7-1.fc26

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...

CVE-2017-6611

A vulnerability in the web framework code of Cisco Prime Infrastructure 2.22 could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of the affected system. The vulnerability is due to insufficient input validation of some...

CVE-2017-6611

CVE-2017-6611 affects Cisco Prime Infrastructure 2.2(2). The root cause is insufficient input validation in the web framework code, enabling an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack on users of the web interface. Exploitation could allow execution of arbi...