CVE-2022-20835

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...

CVE-2022-20834

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...

CVE-2022-20834

CVE-2022-20834 affects Cisco Firepower Management Center (FMC) web-based management interface. The issue is due to insufficient validation of user-supplied input in the FMC UI, enabling an authenticated, remote attacker to perform a stored XSS attack. Impact ranges from arbitrary script execution...

Cross site scripting

A vulnerability in multiple management dashboard pages of Cisco Umbrella could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the Cisco Umbrella dashboard. This vulnerability is due to unsanitized user input. An attacker could exploit this...

CVE-2022-20969

A vulnerability in multiple management dashboard pages of Cisco Umbrella could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the Cisco Umbrella dashboard. This vulnerability is due to unsanitized user input. An attacker could exploit this...

Cisco Identity Services Engine Stored XSS (cisco-sa-ise-stor-xss-kpRBWXY)

According to its self-reported version, Cisco Identity Services Engine Stored is affected by a cross-site scripting vulnerability. This could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected...

Cisco Identity Services Engine XSS (cisco-sa-ise-xss-twLnpy3M)

According to its self-reported version, Cisco Identity Services Engine is affected by a cross-site scripting XSS vulnerability due to insufficient input validation in the External RESTful Services ERS API. An attacker could exploit this vulnerability by persuading an authenticated administrator o...

Cross site scripting

A vulnerability in the Aruba InstantOS and ArubaOS 10 web management interface could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim’s browser ...

CVE-2022-37892

A vulnerability in the Aruba InstantOS and ArubaOS 10 web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a...

WordPress Plugin Testimonial Slider and Showcase 2.2.6 - Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin Testimonial Slider and Showcase 2.2.6 - Stored Cross-Site Scripting XSS Date: 05/08/2022 Exploit Author: saitamang , yunaranyancat , syad Vendor Homepage: https://wordpress.org Software Link: https://wordpress.org/plugins/testimonial-slider-and-showcase/ Version:...

CVE-2022-20869

A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. This vulnerability exists because the web-based management...

CVE-2022-20869 Cisco BroadWorks Application Delivery Platform Software Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. This vulnerability exists because the web-based management...

WordPress Testimonial Slider And Showcase 2.2.6 Cross Site Scripting Vulnerability

Exploit Title: Stored XSS in posttitle parameter in WordPress Plugin "Testimonial Slider and Showcase" 2.2.6 Exploit Author: saitamang , yunaranyancat , amdsyad Vendor Homepage: wordpress Software Link: https://wordpress.org/plugins/testimonial-slider-and-showcase/ Version: 2.2.6 Tested on: Cento...

Cross site scripting

A vulnerability, which was classified as problematic, was found in SourceCodester Online Admission System. Affected is an unknown function of the file index.php. The manipulation of the argument eid with the input 8alert1 leads to cross site scripting. It is possible to launch the attack remotely...

Cisco Unified Communications Manager IM & Presence XSS (cisco-sa-cucm-xss-ksKd5yfA)

The version of Cisco Unified Communications Manager IM & Presence Service installed on the remote host is 11.51 prior to 11.51SU11, 12.51 prior to 12.51SU6 or 14 prior to 14SU2. It is, therefore affect by a cross-site scripting vulnerability XSS in the web-based management interface. An...

Cisco Unified Communications Manager XSS (cisco-sa-cucm-xss-ksKd5yfA)

The version of Cisco Unified Communications Manager installed on the remote host is version 14 prior to 14SU2. It is, therefore affect by a cross-site scripting vulnerability XSS in the web-based management interface. An unauthenticated remote attacker can, with the action of an authorized user,...

Cross site scripting

A vulnerability in SAP NW EP WPC - versions 7.30, 7.31, 7.40, 7.50, which does not sufficiently validate user-controlled input, allows a remote attacker to conduct a Cross-Site XSS scripting attack. A successful exploit could allow the attacker to execute arbitrary script code which could lead to...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager Session Management Edition Unified CM SME, Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P, and Cisco Unity Connection could...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM, Cisco Unified CM Session Management Edition Unified CM SME, and Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an unauthenticated, remote attacker to...

CVE-2022-20815 Cisco Unified Communications Products Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM, Cisco Unified CM Session Management Edition Unified CM SME, and Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an unauthenticated, remote attacker to...