CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cisco•added 2019/10/16 4:0 p.m.•48 views

Cisco Firepower Management Center Multiple Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. These vulnerabilities are due to insufficient...

4.8CVSS5AI score0.0026EPSS

Symantec•added 2019/10/15 12:0 a.m.•23 views

Adobe Acrobat and Reader CVE-2019-8160 Cross Site Scripting Vulnerability

Description Adobe Acrobat and Reader are prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication...

8.1AI score0.01093EPSS

Exploits0Affected Software2

Tenable Nessus•added 2019/10/15 12:0 a.m.•18 views

Cisco TelePresence Management Suite Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco TelePresence Management Suite TMS could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

6.1CVSS6.4AI score0.0012EPSS

Symantec•added 2019/10/14 12:0 a.m.•40 views

WordPress Prior to 5.2.4 Multiple Security Vulnerabilities

Description WordPress is prone to multiple security vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and...

7.5AI score

Tenable Nessus•added 2019/10/11 12:0 a.m.•24 views

Cisco Identity Services Engine Cross-Site Scripting Vulnerability

A vulnerability in the web-based guest portal of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-suppli...

6.1CVSS6.3AI score0.00148EPSS

Tenable Nessus•added 2019/10/11 12:0 a.m.•34 views

Cisco Adaptive Security Appliance WebVPN XSS (cisco-sa-20191002-asa-xss)

A vulnerability in the Clientless SSL VPN WebVPN portal of Cisco Adaptive Security Appliance ASA allows an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

6.1CVSS6.2AI score0.00148EPSS

Tenable Nessus•added 2019/10/11 12:0 a.m.•23 views

Cisco Unified Intelligence Center Cross-Site Scripting Vulnerability

A vulnerability in the web framework code of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation...

6.1CVSS6AI score0.00232EPSS

Tenable Nessus•added 2019/10/11 12:0 a.m.•30 views

Cisco IOS XE Software Stored Banner XSS (cisco-sa-20190925-sbxss)

According to its self-reported version, Cisco IOS XE Software is affected by a cross-site scripting vulnerability which allows an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web interface of the affected software using the banner...

4.8CVSS5.6AI score0.00182EPSS

Tenable Nessus•added 2019/10/10 12:0 a.m.•27 views

Cisco IOS XE Software Stored XSS (cisco-sa-20190925-xss)

According to its self-reported version, Cisco IOS XE Software is affected by a stored cross-site scripting XSS vulnerability in its web framework code. This allows an unauthenticated, remote attacker to conduct stored XSS attacks against a user of the web interface of the affected software. The...

5.5CVSS5.6AI score0.00159EPSS

NVD•added 2019/10/02 7:15 p.m.•9 views

CVE-2019-12707

A vulnerability in the web-based interface of multiple Cisco Unified Communications products could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface of the affected software. The vulnerability is due to insufficient...

6.1CVSS6AI score0.00148EPSS

NVD•added 2019/10/02 7:15 p.m.•11 views

CVE-2019-12712

A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected software. The vulnerability is due to insufficient...

6.1CVSS6AI score0.00148EPSS

NVD•added 2019/10/02 7:15 p.m.•20 views

CVE-2019-12695

A vulnerability in the Clientless SSL VPN WebVPN portal of Cisco Adaptive Security Appliance ASA and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an...

6.1CVSS6AI score0.00148EPSS

Prion•added 2019/10/02 7:15 p.m.•14 views

Cross site scripting

Exploits0References1Affected Software3

Prion•added 2019/10/02 7:15 p.m.•11 views

Cross site scripting

Prion•added 2019/10/02 7:15 p.m.•15 views

Cross site scripting

Prion•added 2019/10/02 7:15 p.m.•12 views

Cross site scripting

A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition SME could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface. The...

Prion•added 2019/10/02 7:15 p.m.•12 views

Cross site scripting