Cisco SocialMiner Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco SocialMiner could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation. An attacker could exploit th...

Cisco Prime Infrastructure Web Framework Code Cross-Site Scripting Vulnerabilities

A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of some...

Serendipity < 2.1.1 Multiple Vulnerabilities

According to its banner, the version of Serendipity running on the remote host is prior to 2.1.1. It is, therefore, affected by multiple vulnerabilities : - A stored cross-site scripting XSS vulnerability exists in the templates/2k11/admin/category.inc.tpl script due to improper validation of the...

Cisco Email Security Appliance Message Tracking Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. SPDX-FileCopyrightText: 2017 Greenbo...

Cisco Email Security and Content Security Management Appliance Message Tracking Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Email Security Appliance ESA and Cisco Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an...

Cisco Unified Communications Manager XSS (cisco-sa-20170517-ucm)

According to its self-reported version, the Cisco Unified Communications Manager CUCM running on the remote device is affected by a cross-site scripting XSS vulnerability in the web-based management interface due to improper validation of user-supplied input before returning it to users. An...

Logsign Remote Code Injection Vulnerability

Logsign is the next generation security information and event management solution for security intelligence, log management and easy compliance reporting. Logsign suffers from a remote code injection vulnerability. An attacker could exploit this vulnerability to execute arbitrary script code with...

Kodak InSite 6.5 <= 8.0 XSS Vulnerability

Kodak InSite is prone to a cross-site scripting XSS vulnerability because it fails to sufficiently sanitize user-supplied data. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVE-2017-6654

A vulnerability in the web-based management interface of Cisco Unified Communications Manager 10.5 through 11.5 could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerabilit...

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

Splunk Enterprise 6.4.x < 6.4.7 Multiple Vulnerabilities

According to its self-reported version number, the version of Splunk Enterprise running on the remote web server is 6.4.x prior to 6.4.7. It is, therefore, affected by multiple vulnerabilities : - Multiple cross-site scripting XSS vulnerabilities exist due to improper validation of user-supplied...

XOOPS <= 2.5.8.1 XSS Vulnerability

XOOPS is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xoops:xoops";...

MantisBT 2.3.x < 2.3.2 XSS Vulnerability - Windows

MantisBT is prone to a cross-site scripting XSS vulnerability. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...

Cross site scripting

A vulnerability in the web framework code of Cisco Prime Infrastructure 2.22 could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of the affected system. The vulnerability is due to insufficient input validation of some...

Cisco Prime Infrastructure Web Framework Code Cross-Site Scripting Vulnerability

A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of the affected system. The vulnerability is due to insufficient input validation of some...

Cybozu Office 10.0.0 - 10.5.0 Multiple Security Vulnerabilities

Cybozu Office is prone to multiple security vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:cybozu:office";...

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due t...

MantisBT < 2.1.1 'view_type' XSS Vulnerability - Windows

MantisBT is prone to a cross-site scripting XSS vulnerability. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...

Kunena Forum Extension 'message subject' Cross Site Scripting Vulnerability

the Kunena Forum Extension for Joomla is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Moodle 3.2.x < 3.2.2 Multiple Vulnerabilities

Binary data 700011.prm...