CVE-2023-37425 Unauthenticated Stored Cross-Site Scripting Vulnerability (XSS) in EdgeConnect SD-WAN Orchestrator Web-Based Management Interface

A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an unauthenticated remote attacker to conduct a stored cross-site scripting XSS attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary...

CVE-2023-37423 Authenticated Stored Cross-Site Scripting Vulnerabilities (XSS) in EdgeConnect SD-WAN Orchestrator Web Administration Interface

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting XSS attack against an administrative user of the interface. A successful exploit allows an attacker to execute...

CVE-2023-37422 Authenticated Stored Cross-Site Scripting Vulnerabilities (XSS) in EdgeConnect SD-WAN Orchestrator Web Administration Interface

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting XSS attack against an administrative user of the interface. A successful exploit allows an attacker to execute...

CVE-2023-20203

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface on an affected device...

Cross site scripting

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface on an affected device...

CVE-2023-20222

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface on an affected device. The...

CVE-2023-20204

A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the web-based management interface...

CVE-2023-20181

A vulnerability in the web-based management interface of Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to conduct XSS attacks. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the...

CVE-2023-20181

A vulnerability in the web-based management interface of Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to conduct XSS attacks. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the...

Cisco NX-OS Software NX-API Sandbox Cross-site Scripting (CVE-2019-1733)

A vulnerability in the NX API NX-API Sandbox interface for Cisco NX- OS Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the NX-API Sandbox interface of an affected device. The vulnerability is due to insufficient validation of...

Cisco Secure Web Appliance XSS (cisco-sa-esa-sma-wsa-xss-cP9DuEmq)

According to its self-reported version, Cisco Secure Web Appliance is affected by cross-site scripting vulnerabilities. The vulnerability is due to insufficient validation of user input. An attacker could exploit this by persuading a user of an affected interface to click a crafted link. A...

Cisco Secure Email and Web Manager XSS (cisco-sa-esa-sma-wsa-xss-cP9DuEmq)

According to its self-reported version, Cisco Secure Email and Web Manager is affected by cross-site scripting vulnerabilities. The vulnerability is due to insufficient validation of user input. An attacker could exploit this by persuading a user of an affected interface to click a crafted link. ...

CVE-2023-35978

A vulnerability in ArubaOS could allow an unauthenticated remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based management interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context...

Cross site scripting

A vulnerability in the ArubaOS web-based management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in...

Cross site scripting

A vulnerability in ArubaOS could allow an unauthenticated remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based management interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context...

CVE-2023-35978 Reflected Cross-Site Scripting (XSS) in ArubaOS Web-based Management Interface

A vulnerability in ArubaOS could allow an unauthenticated remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based management interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context...

CVE-2023-35971 Unauthenticated Stored Cross-Site Scripting (XSS) in ArubaOS Web-based Management Interface

A vulnerability in the ArubaOS web-based management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in...

Cross site scripting

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, formerly known as Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the...

Schweitzer Engineering Laboratories RTAC Cross-site Scripting (CVE-2023-31154)

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...

Schweitzer Engineering Laboratories RTAC Cross-site Scripting (CVE-2023-31157)

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...