Cisco Small Business RV042 and RV042G Routers XSS (cisco-sa-sa-rv-routers-xss-K7Z5U6q3)

According to its self-reported version, Cisco Small Business RV Series Router Firmware is affected by a cross-site scripting XSS vulnerability in its web-based management console due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker ca...

Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities (cisco-sa-mlt-ise-strd-xss-nqFhTtx7)

According to its self-reported version, Cisco Identity Services Engine Software is affected by multiple vulnerabilities in the web-based management interface. An authenticated, remote attacker with administrative credentials exploit these vulnerabilities by injecting malicious code into specific...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attacker to...

CVE-2020-3282 Cisco Unified Communications Products Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attacker to...

CVE-2020-3282 Cisco Unified Communications Products Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attacker to...

Cisco Data Center Network Manager Multiple Stored Cross-Site Scripting Vulnerablities (June 2020)

A stored cross-site scripting XSS vulnerabilities exists in web-based management interface of Cisco Data Center Network Manager DCNM due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker, administrative credentials can exploit this, by...

CVE-2020-3354

A vulnerability in the web-based management interface of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting XSS attack against a user of the interface. The vulnerability is due to insufficient inpu...

WordPress < 5.4.2

According to its self-reported version number, the installation of WordPress installed on the remote host is affected by multiple vulnerabilities: - Multiple cross-site scripting XSS vulnerabilities exist in Wordpress due to improper validation of user-supplied input before returning it to users...

Cross site scripting

A vulnerability in the web-based Local Manager interface of the Cisco IOx Application Framework could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based Local Manager interface of an affected device. The attacker must have...

CVE-2020-3233 Cisco IOx Application Framework Local Manager Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based Local Manager interface of the Cisco IOx Application Framework could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based Local Manager interface of an affected device. The attacker must have...

CVE-2020-3233

CVE-2020-3233 describes a stored cross-site scripting (XSS) vulnerability in Cisco IOx Application Framework’s web-based Local Manager interface. An authenticated user with Local Manager credentials can inject malicious code via the System Settings tab due to insufficient input validation, leadin...

CVE-2020-3233 Cisco IOx Application Framework Local Manager Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based Local Manager interface of the Cisco IOx Application Framework could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based Local Manager interface of an affected device. The attacker must have...

Security Updates for Microsoft Dynamics NAV (Dec 2018)

The Microsoft Dynamics NAV install is missing a security update. It is, therefore, affected by a cross-site scripting XSS vulnerability due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can exploit this, by sending a specially crafte...

Input validation

Stored XSS in Tenable.Sc before 5.14.0 could allow an authenticated remote attacker to craft a request to execute arbitrary script code in a user's browser session. Updated input validation techniques have been implemented to correct this issue...

CVE-2020-5737

Stored XSS in Tenable.Sc before 5.14.0 could allow an authenticated remote attacker to craft a request to execute arbitrary script code in a user's browser session. Updated input validation techniques have been implemented to correct this issue...

CVE-2019-16010 Cisco SD-WAN Solution vManage Stored Cross-Site Scripting Vulnerability

A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the vManage software. The vulnerability is due to insufficient validation of...

CVE-2019-16010 Cisco SD-WAN Solution vManage Stored Cross-Site Scripting Vulnerability

A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the vManage software. The vulnerability is due to insufficient validation of...

Cisco Prime Collaboration Provisioning Cross-Site Scripting Vulnerability (cisco-sa-prime-collab-xss-RjRCe9n7)

According to its self-reported version, Cisco Prime Collaboration Provisioning is affected by a cross-site scripting vulnerability in the web-based management interface due to insufficient validation of user-supplied input. An unauthenticated, remote attacker could exploit this by persuading a us...

Cisco SD-WAN Solution vManage Stored Cross-Site Scripting Vulnerability

A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the vManage software. The vulnerability is due to insufficient validation of...

CVE-2020-3157

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface. The vulnerability is due to insufficient validation of user-supplied...