5 matches found
Ruoyi 安全漏洞
Ruoyi is a backend management system by Ruoyi's individual developers. A security vulnerability exists in Ruoyi 4.8.1 and earlier versions, which stems from a bypassable stored cross-site scripting vulnerability in the /system/menu/edit endpoint that could affect all users...
Atlassian Fisheye and Crucible Cross-Site Request Forgery Vulnerabilities (CNVD-2020-31424)
Atlassian Fisheye and Crucible are both products of the Australian company Atlassian, Atlassian Fisheye is a suite of in-depth viewers of source code and Crucible is a suite of code review tools. A cross-site request forgery vulnerability exists in Atlassian Fisheye and Crucible versions prior to...
CVE-2020-4013
The review resource in Atlassian Fisheye and Crucible before version 4.8.1 allows remote attackers to inject arbitrary HTML or Javascript via a cross site scripting XSS vulnerability through the review objectives...
Tenable Log Correlation Engine Cross-Site Scripting Vulnerability
Tenable Log Correlation Engine a.k.a. LCE is a log correlation engine that provides log analysis and event monitoring from Tenable Network Security. A cross-site scripting vulnerability exists in versions of Tenable LCE prior to 4.8.1. A remote attacker can exploit this vulnerability to execute...
CVE-2016-9261
Cross-site scripting XSS vulnerability in Tenable Log Correlation Engine aka LCE before 4.8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...