Cross site scripting

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user. These vulnerabilities exist because the web-based management interface does not...

CVE-2021-1607 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user. These vulnerabilities exist because the web-based management interface does not...

CVE-2021-1575 Cisco Virtualized Voice Browser Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Virtualized Voice Browser could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not...

CVE-2021-1575 Cisco Virtualized Voice Browser Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Virtualized Voice Browser could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not...

CVE-2021-1395 Cisco Unified Intelligence Center Reflected Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not...

TextPattern CMS 4.8.7 - Stored Cross-Site Scripting (XSS)

Exploit Title: TextPattern CMS 4.8.7 - Stored Cross-Site Scripting XSS Date: 2021/09/06 Exploit Author: Mert Daş [email protected] Software Link: https://textpattern.com/filedownload/113/textpattern-4.8.7.zip Software web: https://textpattern.com/ Tested on: Server: Xampp TextPattern is pron...

Cisco Adaptive Security Appliance Software Web-Based Management Interface Reflected XSS (cisco-sa-asa-rxss-L54Htxp)

According to its self-reported version, Cisco ASA Software is affected by a vulnerability in the web-based management interface that could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the...

Cisco Firepower Management Center Multiple Stored XSS (cisco-sa-fmc-stored-xss-djKfCzf2)

The version of Cisco Firepower Management Center installed on the remote host is prior to 6.7.0. It is, therefore, affected by multiple vulnerabilities as referenced in the cisco-sa-fmc-stored-xss-djKfCzf2 advisory. Specifically, multiple vulnerabilities in the web-based management interface of...

Cisco Unity Connection XSS (cisco-sa-cucm-xss-Q4PZcNzJ)

The Cisco Unity Connection installed on the remote host is prior to version 14. It is, therefore, affected by multiple cross-site Scripting vulnerabilities. Multiple vulnerabilities in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to...

Cisco Web Security Appliance XSS (cisco-sa-wsa-xss-mVjOWchB)

According to its self-reported version, Cisco Web Security Appliance is affected by a cross-site scripting XSS vulnerability due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit, by convincing a user to click a specially...

Cisco Unified Communications Manager IM & Presence Service XSS (cisco-sa-cucm-xss-Q4PZcNzJ)

The version of Cisco Unified Communications Manager IM & Presence Service installed on the remote host is prior to version 14. It is, therefore, affected by a cross-site scripting vulnerability. A vulnerability in the web-based management interface of Cisco Unified CM IM&P,could allow an...

Cisco Unified Communications Manager XSS (cisco-sa-cucm-xss-Q4PZcNzJ)

The version of cisco unified communications manager installed on the remote host is prior to version 14. It is, therefore, affected by multiple cross-site scripting vulnerabilities. Multiple vulnerabilities in the web-based management interface of Cisco Unified CM, could allow an unauthenticated,...

Adobe Experience Manager 6.3.0.0 < 6.4.8.4 / 6.5.0.0 < 6.5.8.0 Multiple Vulnerabilities (APSB21-15)

The version of Adobe Experience Manager installed on the remote host is prior to 6.4.8.4, 6.5.8.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB21-15 advisory. - AEM's Cloud Service offering, as well as versions 6.5.7.0 and below, 6.4.8.3 and below and 6.3.3.8 a...

Cisco Firepower Management Center Software Multiple XSS (cisco-sa-fmc-xss-yT8LNSeA)

The version of Cisco Firepower Management Center FMC installed on the remote host is affected by multiple cross-site scripting XSS vulnerabilities due to insufficient validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincin...

CVE-2021-1507

A vulnerability in an API of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against users of the application web-based interface. This vulnerability exists because the API does not properly validate user-supplied...

CVE-2021-1490

A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. This vulnerability is due to improper...

CVE-2021-1490 Cisco Web Security Appliance Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. This vulnerability is due to improper...

CVE-2021-1455

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation o...

CVE-2021-1456

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation o...

CVE-2021-1458

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation o...