Lucene search
K

109 matches found

Redos
Redos
added 2026/04/20 12:0 a.m.8 views

ROS-20260420-73-0037

Vulnerability in mediawiki due to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

4.8CVSS6.2AI score0.00218EPSS
Exploits0
Redos
Redos
added 2026/03/19 12:0 a.m.7 views

ROS-20260319-73-0013

Vulnerability in glpi due to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

6.5CVSS6.2AI score0.00241EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/07/09 12:0 a.m.12 views

The vulnerability of the OpenSearch software package lies in its lack of measures to protect the structure of web pages, allowing attackers to execute arbitrary code.

The vulnerability of the OpenSearch software package is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a perpetrator to execute arbitrary code...

6.4CVSS7.5AI score0.00581EPSS
Exploits2References7Affected Software2
Positive Technologies
Positive Technologies
added 2025/05/26 12:0 a.m.11 views

PT-2025-28936 · Ип Кривочуров Дмитрий Анатольевич · Экспорт В Excel. Выгрузка Каталога Товаров 1С-Битрикс. Создание Прайс-Листа

Уязвимость плагина «Экспорт в Excel» существует из-за непринятием мер по защите структуры веб-страницы. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, провести атаку межсайтового скриптинга XSS...

5CVSS7.3AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/05/26 12:0 a.m.16 views

PT-2025-28937 · Ип Кривочуров Дмитрий Анатольевич · Экспорт/Импорт Товаров В Excel

Уязвимость плагина «Экспорт/Импорт товаров в Excel» существует из-за непринятием мер по защите структуры веб-страницы. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, провести атаку межсайтового скриптинга XSS...

5CVSS7.3AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/05/26 12:0 a.m.7 views

PT-2025-28934 · Ип Кривочуров Дмитрий Анатольевич · Импорт Из Xml

Уязвимость плагина «Импорт из XML, и YML» существует из-за непринятием мер по защите структуры веб-страницы. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, провести атаку межсайтового скриптинга XSS...

5CVSS7.3AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/04/23 12:0 a.m.9 views

The vulnerability of the ColdFusion software platform, which arises due to the lack of measures taken to protect the website structure, allows attackers to carry out cross-site scripting attacks.

The vulnerability of the ColdFusion software platform exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created link...

6.4CVSS5.2AI score0.14894EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/02/18 12:0 a.m.8 views

PT-2025-10120 · Esri · Arcgis Server

Name of the Vulnerable Software and Affected Versions: ArcGIS Server affected versions not specified Description: The issue is related to the lack of protection for the web page structure in ArcGIS Server. This could allow a remote attacker to conduct cross-site scripting attacks. Recommendations...

5.5CVSS6.4AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/01/20 12:0 a.m.7 views

Vulnerability of the Currency.php script (phpoffice/phpspreadsheet/samples/Wizards/NumberFormat/Currency.php) in the PHP library PhpSpreadsheett, which allows attackers to perform cross-site scripting attacks

The vulnerability in the Currency.php script phpoffice/phpspreadsheet/samples/Wizards/NumberFormat/Currency.php of the PhpSpreadsheet library involves a lack of measures to protect web page structures. Exploiting this vulnerability allows an attacker to perform cross-site scripting attacks remote...

8.5CVSS5.2AI score0.00325EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/08 12:0 a.m.3 views

PT-2025-7269 · Weeek · Weeek

Name of the Vulnerable Software and Affected Versions: WEEEK affected versions not specified Description: The issue is related to the lack of protection of the web page structure, allowing an attacker to execute arbitrary code by injecting specially crafted HTML code. Recommendations: At the...

8.7CVSS7.6AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/12/09 12:0 a.m.4 views

The vulnerability of microprogramming software in embedded network control devices of ASPECT Enterprise, NEXUS Series, and MATRIX Series is related to the lack of measures taken to protect the website structure. This allows attackers to carry out XSS attacks.

The vulnerability of microprogramming software in embedded network control devices of ASPECT Enterprise, NEXUS Series, and MATRIX Series is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability can allow a malicious actor to carry out XSS attac...

9CVSS7.7AI score0.01099EPSS
Exploits7References2Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/11/25 12:0 a.m.8 views

The vulnerability of the Consul service configuration tool arises from the lack of measures taken to protect the structure of web pages. This allows attackers to carry out XSS attacks.

The vulnerability of the Consul service configuration tool exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

6.4CVSS6.8AI score0.00427EPSS
Exploits0References5Affected Software4
Positive Technologies
Positive Technologies
added 2024/11/20 12:0 a.m.4 views

PT-2024-9339 · Drupal · Drupal Core

Name of the Vulnerable Software and Affected Versions: Drupal Core versions 8.8.0 through 10.2.11 Drupal Core versions 10.3.0 through 10.3.9 Drupal Core versions 11.0.0 through 11.0.8 Description: The issue is related to insufficient protection of the web page structure, allowing an attacker to...

5.4CVSS5AI score0.00327EPSS
Exploits0References22
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.8 views

The vulnerability of the Portal for ArcGIS web portal, related to the lack of measures taken to protect the structure of the web page, allows attackers to carry out cross-site scripting attacks.

The vulnerability of the Portal for ArcGIS is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created web page...

6.4CVSS5.2AI score0.00311EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.10 views

The vulnerability of the Portal for ArcGIS web portal, related to the lack of measures taken to protect the structure of the web page, allows attackers to carry out cross-site scripting attacks.

The vulnerability of the Portal for ArcGIS is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created web page...

5.5CVSS5.2AI score0.00403EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/10/22 12:0 a.m.5 views

PT-2024-28 · Unknown · Pt Sandbox +1

Name of the Vulnerable Software and Affected Versions: PT MultiScanner and PT Sandbox affected versions not specified Description: The issue is related to the lack of protection for the web page structure in PT MultiScanner and PT Sandbox. This could allow a remote attacker to elevate their...

5CVSS7AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/08 12:0 a.m.7 views

PT-2024-6990 · Microsoft · Power Bi Report Server

Name of the Vulnerable Software and Affected Versions: Power BI Report Server affected versions not specified Description: The issue is related to the Power BI Report Server and involves a lack of protection for the web page structure, potentially allowing a remote attacker to perform cross-site...

7.5CVSS6.2AI score0.00695EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2024/09/20 12:0 a.m.6 views

The vulnerability of the IntelliJ IDEA integrated development environment lies in its lack of protection for web page structures. This allows attackers to execute cross-site scripting attacks by modifying the project name.

The vulnerability of the IntelliJ IDEA integrated development environment is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability may allow attackers to execute cross-site scripting attacks...

3.3CVSS5.4AI score0.0038EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/21 12:0 a.m.5 views

The vulnerability of the logging module in CMS systems like Netcat allows attackers to execute arbitrary JavaScript code.

The vulnerability of the logging module in CMS systems like Netcat exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code in the user’s browser remotely...

9CVSS5.8AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/21 12:0 a.m.7 views

The vulnerability of the component_id and object_id parameters of the Netcat landing CMS system allows a hacker to execute arbitrary JavaScript code.

The vulnerability of the componentid and objectid parameters in the Netcat landing CMS system exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code in the user’s browser remotely...

9CVSS5.8AI score
Exploits0References1Affected Software1
Rows per page
Query Builder