Microsoft Office SharePoint CVE-2018-8426 Cross Site Scripting Vulnerability

Description Microsoft Office SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...

Infoblox NetMRI 7.1.1 Reflected XSS Vulnerability

Infoblox NetMRI is prone to a reflected cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Cisco Prime Collaboration Assurance Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

Nextcloud Server 'Autocomplete field' Stored XSS Vulnerability (NC-SA-2018-008)

Nextcloud Server is prone to a stored cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2018-0367

A vulnerability in the web-based management interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected service. The vulnerability is due to...

CVE-2018-0367

A vulnerability in the web-based management interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected service. The vulnerability is due to...

Cisco Registered Envelope Service Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected service. The vulnerability is due to...

MantisBT 2.1.0 - 2.15.0 'View Filters' And 'Edit Filter' Pages XSS Vulnerabilities - Windows

MantisBT is prone to multiple cross-site scripting XSS vulnerabilities. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

MantisBT 2.1.0 - 2.15.0 'View Filters' And 'Edit Filter' Pages XSS Vulnerabilities - Linux

MantisBT is prone to multiple cross-site scripting XSS vulnerabilities. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due...

Cisco Small Business 300 Series Managed Switches Persistent Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Small Business 300 Series Sx300 Managed Switches could allow an authenticated, remote attacker to conduct a persistent cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The...

CVE-2018-0396

A vulnerability in the web framework of the Cisco Unified Communications Manager IM and Presence Service software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of an affected system. The vulnerability is due to...

Cross site scripting

A vulnerability in the web framework of the Cisco Unified Communications Manager IM and Presence Service software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of an affected system. The vulnerability is due to...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

EMS Master Calendar Cross-Site Scripting Vulnerability

EMS Master Calendar is a schedule management system from EMS Software, USA. The system provides instant access to dates and locations. A cross-site scripting vulnerability exists in versions prior to EMS Master Calendar 8.0.0.201805210, where the program fails to properly filter user-submitted...

CVE-2018-0340

A vulnerability in the web framework of the Cisco Unified Communications Manager Unified CM software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of the affected system. The vulnerability is due to insufficient...

CVE-2018-0339

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface. The vulnerability is due to insufficient input validation of some...

Cisco Integrated Management Controller Supervisor and Cisco UCS Director DOM Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Integrated Management Controller Supervisor Software and Cisco UCS Director Software could allow an authenticated, remote attacker to conduct a Document Object Model-based DOM-based, stored cross-site scripting XSS attack against a us...

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability

A vulnerability in the web framework of the Cisco Unified Communications Manager Unified CM software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of the affected system. The vulnerability is due to insufficient...

Cisco Identity Services Engine Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface. The vulnerability is due to insufficient input validation of some...