AlgoSec Firewall Analyzer 6.4 Cross Site Scripting

================================================================================================================================================================ AlgoSec Firewall Analyzer Version v6.4 cross-site scripting XSS Vulnerability...

CVE-2013-2136

Multiple cross-site scripting XSS vulnerabilities in Apache CloudStack before 4.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 Physical network name to the Zone wizard; 2 New network name, 3 instance name, or 4 group to the Instance wizard; 5 unspecified "multi-edit...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.2.23 allow remote attackers to inject arbitrary web script or HTML via the 1 jQuery or 2 id parameters, a different vulnerability than CVE-2013-1942 and...

WordPress Trafficanalyzer Plugin XSS Vulnerability

WordPress Trafficanalyzer Plugin is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the...

AlgoSec Firewall Analyzer - Cross-Site Scripting

AlgoSec Firewall Analyzer - Cross-Site Scripting source: https://www.securityfocus.com/bid/61733/info AlgoSec Firewall Analyzer is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scri...

DotNetNuke 6.1.x - Cross-Site Scripting

DotNetNuke 6.1.x - Cross-Site Scripting source: https://www.securityfocus.com/bid/61770/info DotNetNuke is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser o...

Jahia xCM - enginesmanager.jsp?site Cross-Site Scripting

Jahia xCM - enginesmanager.jsp?site Cross-Site Scripting source: https://www.securityfocus.com/bid/61571/info Jahia xCM is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. An attacker could exploit these...

Cross-Site Scripting (XSS) in Duplicator WordPress Plugin

Advisory ID: HTB23162 Product: Duplicator WordPress Plugin Vendor: LifeInTheGrid Vulnerable Versions: 0.4.4 and probably prior Tested Version: 0.4.4 Vendor Notification: June 19, 2013 Vendor Patch: July 21, 2013 Public Disclosure: July 24, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CVE...

WordPress vulnerable to cross-site scripting

Overview WordPress contains a cross-site scripting vulnerability due to an issue in the SWFUpload library. ma.la reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may be executed on the...

WordPress Plugin Duplicator - Cross-Site Scripting

source: https://www.securityfocus.com/bid/61425/info The Duplicator plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecti...

Symantec Encryption Management Server Web Email Protection XSS

SUMMARY Symantec's Encryption Management Server, previously PGP Universal Server, is susceptible to a cross-site scripting XSS issue, in the web management interface of the server. The XSS issue is in the Web Email Protection component. This issue could allow an authenticated Web Email Protection...

Oracle Enterprise Manager vulnerable to cross-site scripting

Overview Oracle Enterprise Manager provided by Oracle contains a cross-site scripting vulnerability. Masashi Shiraishi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may be executed on t...

WordPress Plugin FlagEm - 'cID' Cross-Site Scripting

source: https://www.securityfocus.com/bid/61401/info The FlagEm plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...

Barracuda CudaTel - Multiple Cross-Site Scripting Vulnerabilities

Barracuda CudaTel - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/61353/info Barracuda CudaTel is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...

S9Y Serendipity 1.6.2 - 'serendipity_admin_image_selector.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/61138/info Serendipity is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the conte...

Corda .NET Redirector - 'redirector.corda' Cross-Site Scripting

source: https://www.securityfocus.com/bid/61156/info Corda .NET Redirector is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

S9Y Serendipity 1.6.2 - serendipity_admin_image_selector.php Cross-Site Scripting

S9Y Serendipity 1.6.2 - serendipityadminimageselector.php Cross-Site Scripting source: https://www.securityfocus.com/bid/61138/info Serendipity is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to...

WordPress Plugin Category Grid View Gallery - 'ID' Cross-Site Scripting

source: https://www.securityfocus.com/bid/60905/info The Category Grid View Gallery plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser ...

WordPress Plugin Xorbin Digital Flash Clock - 'widgetUrl' Cross-Site Scripting

source: https://www.securityfocus.com/bid/60862/info The Xorbin Digital Flash Clock plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser ...

WordPress Plugin Xorbin Digital Flash Clock - widgetUrl Cross-Site Scripting

WordPress Plugin Xorbin Digital Flash Clock - widgetUrl Cross-Site Scripting source: https://www.securityfocus.com/bid/60862/info The Xorbin Digital Flash Clock plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An...