3351 matches found
Cisco Security Manager Cross-Site Scripting Vulnerability (CNVD-2022-06381)
Cisco Security Manager CSM is a set of enterprise-class management applications from Cisco, which are used to configure firewall, VPN, and intrusion protection security services on Cisco networks and security devices. cross-site scripting vulnerability exists in Cisco Security Manager, which can ...
Liferay Portal 7.3.2 < 7.3.6 XSS
Liferay Portal 7.3.2 prior to 7.3.6 is affected by a cross-site scripting XSS vulnerability in its redirect module component due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a user to click a...
Cisco Adaptive Security Appliance XSS (cisco-sa-asaftd-xss-webui-gQLSFyPM)
According to its self-reported version, Cisco ASA Software is affected by a cross-site scripting XSS vulnerability in its web services interface due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a us...
CVE-2021-24834
The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cross-Site Scripting vulnerability which exists in the Create Poll - Options module where a user with a role as low as author is allowed to execute arbitrary script code within the context of the application. This vulnerability is...
Cross site scripting
The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cross-Site Scripting vulnerability, which exists in the Admin preview module where a user with a role as low as author is allowed to execute arbitrary script code within the context of the application. This vulnerability is due to...
Cross site scripting
The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cross-Site Scripting vulnerability which exists in the Create Poll - Options module where a user with a role as low as author is allowed to execute arbitrary script code within the context of the application. This vulnerability is...
Cisco Prime Infrastructure Stored XSS (cisco-sa-pi-epnm-xss-U2JK537j)
The version of Cisco Prime Infrastructure installed on the remote host is prior to 3.10. It is, therefore, affected by a stored cross-site scripting XSS vulnerability in its web-based management interface due to improper validation of user-supplied input before returning it to users. An...
CVE-2021-40115
A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker...
CVE-2021-34784
A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an...
CVE-2021-34784 Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an...
CVE-2021-34784 Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an...
CVE-2021-40115 Cisco Webex Video Mesh Cross-Site Scripting Vulnerability
A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker...
CVE-2021-40115 Cisco Webex Video Mesh Cross-Site Scripting Vulnerability
A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker...
Cisco Webex Video Mesh Cross-Site Scripting Vulnerability
A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker...
Cisco Firepower Management Center Software Multiple Vulnerabilities (cisco-sa-fmc-xss-openredir-TVPMWJyg)
The version of Cisco Firerpower Management Center installed on the remote host is affected by multiple vulnerabilities as referenced in the cisco-sa-fmc-xss-openredir-TVPMWJyg advisory, as follows: - An authenticated, remote attacker can exploit a vulnerability in the web-based management interfa...
Cisco TelePresence Management Suite Stored XSS (cisco-sa-tms-xss-CwjZJSQc)
According to its self-reported version, Cisco TelePresence Management Suite is affected by a stored cross-site scripting XSS vulnerability in its web-based management interface due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can...
CVE-2021-34760
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite TMS Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient input validation by the...
Cross site scripting
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite TMS Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient input validation by the...
CVE-2021-34789
Cisco Tetration’s web-based management interface contains a stored XSS flaw caused by insufficient input validation. An authenticated attacker with valid administrative credentials could inject malicious scripts into specific interface pages, allowing execution of arbitrary script in the affected...