The vulnerability of the Strapi content management system, related to the lack of protective measures for web pages, allows a hacker to execute arbitrary JavaScript code.

The vulnerability of the CMS Strapi content management platform, related to the lack of security measures for web pages. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code by loading a specially crafted PDF file remotely...

The vulnerability of the operating system for managing Synology Router Manager allows for cross-site scripting attacks, as a lack of security measures has been taken to protect the website structure. This vulnerability enables attackers to carry out cross-site scripting attacks.

The vulnerability of the Synology Router Manager operating system for managing network devices is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

The vulnerability of HP LaserJet Pro printer microprogramming software, related to the lack of protective measures for website structures, allows attackers to carry out XSS attacks.

The vulnerability of HP LaserJet Pro printer microprogramming software is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

The vulnerability of the monitoring tool for VMware Aria Operations, related to the lack of protective measures for the website structure, allows attackers to execute cross-site scripting attacks (XSS).

The vulnerability of the monitoring tool for VMware Aria Operations is related to the lack of security measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks XSS remotely...

The vulnerability of the LuCI interface in the embedded operating system OpenWrt, which allows a hacker to perform XSS attacks.

The vulnerability of the LuCI interface in the embedded operating system OpenWrt is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

The vulnerabilities of the ESS profiles and the Radius microprogramming software of FortiWLC controllers allow attackers to execute cross-site scripting attacks.

The vulnerability of the ESS profiles and the Radius microprogramming software of FortiWLC wireless access controllers is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks...

U.S. Dept Of Defense: EC2 subdomain takeover at http://████████/

There is a dangling DNS A record that points to an EC2 instance that no longer exists, I was able to claim the EC2 instance and host content on http://███████/. Steps To Reproduce: 1. Visit http://█████████/██████████.html and view the PoC: ██████ Suggested Remediation Steps Remove the A record...

The vulnerability of the web interface of the IoT Field Network Director software management tool allows a attacker to perform a cross-site scripting attack.

The vulnerability of the IoT Field Network Director software management web interface is related to the lack of protective measures for the web page structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...