Cross site scripting

A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This...

CVE-2024-20251

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to perform a stored cross-site scripting XSS attack against a user of the interface on an affected device. This vulnerability exists because the web-based...

CVE-2024-20251

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to perform a stored cross-site scripting XSS attack against a user of the interface on an affected device. This vulnerability exists because the web-based...

CVE-2024-20251

Cisco Identity Services Engine (ISE) web-based management interface is affected by a stored XSS due to improper input validation. An authenticated, remote attacker could inject malicious script on interface pages, potentially executing code in the user’s browser or accessing browser-based data. M...

CVE-2024-20270

A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This...

Cisco Identity Services Engine Stored XSS (cisco-sa-ISE-XSS-bL4VTML)

According to its self-reported version, Cisco Identity Services Engine is affected by a cross-site scripting vulnerability. A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to perform a stored cross-site...

Cisco TelePresence Management Suite < 15.13.6 XSS (cisco-sa-tms-portal-xss-AXNeVg3s)

According to its self-reported version, Cisco TelePresence Management Suite is affected by multiple cross-site scripting XSS vulnerabilities. Due to insufficient validation of the web-based management, a remote attacker can inject malicious data into a specific field of the interface. A successfu...

Code injection

The "upsell" widget at the portal page could be abused to inject arbitrary script code. Attackers that manage to lure users to a compromised account, or gain temporary access to a legitimate account, could inject script code to gain persistent code execution capabilities under a trusted domain...

Cross site scripting

HCL Connections is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user after visiting the vulnerable URL which leads to executing malicious script code. This may let the attacker steal...

Cisco IP Phone Stored XSS (cisco-sa-uipphone-xss-NcmUykqA)

According to its self-reported version, Cisco IP Phone Stored Cross-Site Scripting may be affected by a cross-site scripting XSS vulnerability. Due to insufficient validation of user-supplied input, an authenticated, remote attacker can conduct an XSS attacker against a user of the interface on t...

Cross site scripting

A vulnerability in the web-based management interface of a small subset of Cisco IP Phones could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface on an affected device. This vulnerability is due to insufficient validation ...

CVE-2023-20265

A vulnerability in the web-based management interface of a small subset of Cisco IP Phones could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface on an affected device. This vulnerability is due to insufficient validation ...

CVE-2023-20265

A vulnerability in the web-based management interface of a small subset of Cisco IP Phones could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface on an affected device. This vulnerability is due to insufficient validation ...

CVE-2023-5599

A stored Cross-site Scripting XSS vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x allows an attacker to execute arbitrary script code...

CVE-2023-5598

Stored Cross-site Scripting XSS vulnerabilities affecting 3DSwym in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x allow an attacker to execute arbitrary script code...

Cross site scripting

A stored Cross-site Scripting XSS vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x allows an attacker to execute arbitrary script code...

CVE-2023-5599 Stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x

A stored Cross-site Scripting XSS vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x allows an attacker to execute arbitrary script code...

CVE-2023-5599 Stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x

A stored Cross-site Scripting XSS vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x allows an attacker to execute arbitrary script code...

CVE-2023-37533 HCL Connections is vulnerable to reflected cross-site scripting

HCL Connections is vulnerable to reflected cross-site scripting XSS where an attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user after visiting the vulnerable URL which contains the malicious script code. This may allow the attacker to steal...

HCL Technologies HCL Connections Cross-Site Scripting Vulnerability

HCL Technologies Hcl Connections is a Web 2.0 enterprise collaboration platform application from HCL Technologies, Inc. It is used to help teams become more productive. A security vulnerability exists in HCL Technologies HCL Connections. An attacker can exploit the vulnerability to execute...