CVE-2021-26678

A remote unauthenticated stored cross-site scripting XSS vulnerability was discovered in Aruba ClearPass Policy Manager versions: Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the web-based management interface of ClearPass could allow an unauthenticated remote attacker to conduct a...

Cross site scripting

A remote reflected cross-site scripting XSS vulnerability was discovered in Aruba ClearPass Policy Manager versions: Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the guest portal interface of ClearPass could allow a remote attacker to conduct a reflected cross-site scripting XSS atta...

CVE-2021-26678

A remote unauthenticated stored cross-site scripting XSS vulnerability was discovered in Aruba ClearPass Policy Manager versions: Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the web-based management interface of ClearPass could allow an unauthenticated remote attacker to conduct a...

Cross site scripting

A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface of the affected service. The vulnerability is due to insufficient validation of user-supplied...

CVE-2021-1351 Cisco Webex Meetings Cross-Site Scripting Vulnerability

A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface of the affected service. The vulnerability is due to insufficient validation of user-supplied...

CVE-2021-1351 Cisco Webex Meetings Cross-Site Scripting Vulnerability

A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface of the affected service. The vulnerability is due to insufficient validation of user-supplied...

Webmin 1.890 XSS

A cross-site scripting XSS vulnerability exists in Webmin 1.890 due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a user to click a specially crafted URL, to execute arbitrary script code in a user's...

CVE-2021-1239

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected system. The vulnerabilities exist because the...

CVE-2021-1151

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. The vulnerabilities are due to insufficient...

CVE-2021-1127

A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to improper input...

CVE-2021-1127 Cisco Enterprise NFV Infrastructure Software Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to improper input...

CVE-2021-1127 Cisco Enterprise NFV Infrastructure Software Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to improper input...

CVE-2021-1239 Cisco Firepower Management Center Stored Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected system. The vulnerabilities exist because the...

SolarWinds Orion Platform < 2020.2.1 XSS

According to its self-reported version number, the version of SolarWinds Orion Platform is prior to 2020.2.1. It is, therefore, affected by a stored cross-site scripting XSS vulnerability due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote...

Security Updates for Microsoft Dynamics 365 (on-premises) (December 2020)

The Microsoft Dynamics 365 on-premises is missing a security update. It is, therefore, affected by a cross-site scripting XSS vulnerability due to improper validation of user-supplied input before returning it to users. An attacker can exploit this by convincing a user to click a specially crafte...

phpMyAdmin 4.3.x < 4.7.8 XSS (PMASA-2018-1)

According to its self-reported version, the phpMyAdmin application hosted on the remote web server is 4.7.x prior to 4.7.8. Versions since 4.3 are also affected, but they are no longer supported. It is, therefore, affected by a cross-site scripting XSS vulnerability in dbcentralcolumns.php. A...

CVE-2020-26081

Multiple vulnerabilities in the web UI of Cisco IoT Field Network Director FND could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against users on an affected system. The vulnerabilities are due to insufficient validation of user-supplied input that is...

Cross site scripting

Multiple vulnerabilities in the web UI of Cisco IoT Field Network Director FND could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against users on an affected system. The vulnerabilities are due to insufficient validation of user-supplied input that is...

CVE-2020-26081 Cisco IoT Field Network Director Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web UI of Cisco IoT Field Network Director FND could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against users on an affected system. The vulnerabilities are due to insufficient validation of user-supplied input that is...

CVE-2020-26081 Cisco IoT Field Network Director Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web UI of Cisco IoT Field Network Director FND could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against users on an affected system. The vulnerabilities are due to insufficient validation of user-supplied input that is...