CVE-2021-32106

In ICEcoder 8.0 allows, a reflected XSS vulnerability was identified in the multipe-results.php page due to insufficient sanitization of the GET'replace' variable. As a result, arbitrary Javascript code can get executed...

APSB21-39 Security update available for Adobe Experience Manager

Adobe has released updates for Adobe Experience Manager AEM. These updates resolve vulnerabilities rated Important and moderate. Successful exploitation of these vulnerabilities could result in arbitrary JavaScript execution in the browser...

IBM Engineering Lifecycle Optimization - Engineering Insights Cross-Site Scripting Vulnerability

IBM Engineering Lifecycle Optimization - Engineering Insights is a collaborative Web-based application that unlocks engineering data from a variety of lifecycle management applications to give you the information you need to make the best engineering decisions. A cross-site scripting vulnerabilit...

CVE-2021-29670

IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID...

CVE-2021-3529

A flaw was found in noobaa-core in versions before 5.7.0. This flaw results in the name of an arbitrarily URL being copied into an HTML document as plain text between tags, including potentially a payload script. The input was echoed unmodified in the application response, resulting in arbitrary...

IBM Cognos Analytics Cross-Site Scripting Vulnerability (CNVD-2021-38670)

IBM Cognos Analytics is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. A cross-site scripting...

IBM Engineering Lifecycle Optimization 跨站脚本漏洞

IBM Engineering Lifecycle Optimization ELO is an extension of the Engineering Lifecycle Management ELM portfolio from IBM America. They make it easier to collect and analyze data across the development environment to make better decisions. Automate reporting to ensure that the entire organization...

IBM Cognos Analytics 跨站脚本漏洞

IBM Cognos Analytics is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. A cross-site scripting...

CVE-2021-20386

IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195767...

Vulnerability found in Mozilla Firefox

Researchers have found a vulnerability in Mozilla Firefox. The vulnerability allows a remote malicious person to execute arbitrary JavaScript code in the context of the web browser. To exploit this vulnerability, a malicious person to induce the victim to visit a rogue server. visit. Then, the...

CVE-2021-31930

Persistent cross-site scripting XSS in the web interface of Concerto through 2.3.6 allows an unauthenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into the First Name or Last Name parameter upon registration. When a privileged user attempts to delete the...

Cross site scripting

Persistent cross-site scripting XSS in the web interface of Concerto through 2.3.6 allows an unauthenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into the First Name or Last Name parameter upon registration. When a privileged user attempts to delete the...

CVE-2021-31930

Persistent cross-site scripting XSS in the web interface of Concerto through 2.3.6 allows an unauthenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into the First Name or Last Name parameter upon registration. When a privileged user attempts to delete the...

The vulnerability of Adobe Connect’s instant messaging program, related to the lack of protective measures for the website structure, allows a hacker to execute arbitrary JavaScript code in the user’s browser.

The vulnerability of the Adobe Connect instant messaging program relates to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code in the user’s browser remotely...

The vulnerability of the Magento Commerce software platform for developing and managing online stores stems from the lack of measures taken to protect the website structure, allowing attackers to execute arbitrary JavaScript code.

The vulnerability of the Magento Commerce development and management software platform relates to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code in the user’s browser, through access with...

XSS in Issue Type /editworkflowscheme.jspa - CVE 2021-26080

Affected versions of Jira Server and Jira Data Center have a XSS vulnerability in the EditWorkflowScheme.jspa component which allows remote attackers to inject arbitrary HTML or JavaScript: Affected versions: version 8.5.14 8.6.0 ≤ version 8.13.6 8.14.0 ≤ version 8.16.1 Fixed versions: 8.5.14...

XSS in Issue Type /editworkflowscheme.jspa - CVE 2021-26080

Affected versions of Jira Server and Jira Data Center have a XSS vulnerability in the EditWorkflowScheme.jspa component which allows remote attackers to inject arbitrary HTML or JavaScript: Affected versions: version 8.5.14 8.6.0 ≤ version 8.13.6 8.14.0 ≤ version 8.16.1 Fixed versions: 8.5.14...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2021-49191)

Adobe Experience Manager is an enterprise content management solution that helps you streamline the management and delivery of your content and assets. A cross-site scripting vulnerability exists in Adobe Experience Manager. An attacker can exploit this vulnerability to execute arbitrary JavaScri...

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is an enterprise content management solution that helps you streamline the management and delivery of your content and assets. A cross-site scripting vulnerability exists in Adobe Experience Manager. An attacker can exploit this vulnerability to execute arbitrary JavaScri...

CVE-2021-3529

A flaw was found in noobaa-core. This flaw results in the name of an arbitrary URL copied into an HTML document as plain text between tags, including a potential payload script. The input is echoed unmodified in the application response, resulting in arbitrary JavaScript being injected into an...