CVE-2026-20059

A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate...

CVE-2026-20090

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with administrative privileges to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could...

CVE-2026-20090

CVE-2026-20090 affects the web-based management interface of Cisco IMC. The root cause is insufficient validation of user input, enabling a stored XSS if a user with administrative access is coerced into clicking a crafted link. The vulnerability could allow an attacker with network access and ad...

PT-2026-23030

A vulnerability in the SAML 2.0 single sign-on SSO feature of Cisco Secure Firewall ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the SAML feature and access sensitive,...

CVE-2026-20111

A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against users of the interface of an affected system. This vulnerability exists because the web-based management...

CVE-2026-20047

Cisco ISE and ISE-PIC web management interfaces are affected by a cross-site scripting (XSS) vulnerability (CVE-2026-20047) due to insufficient validation of user-supplied input. An authenticated attacker with valid administrative credentials could inject malicious code into specific pages, allow...

SAP Business Connector 跨站脚本漏洞

SAP Business Connector is a middleware from SAP, Germany. A cross-site scripting vulnerability exists in SAP Business Connector due to improper validation of user-supplied input in the PRTG Web Monitor web interface. An attacker could exploit the vulnerability to access or modify information with...

SUSE CVE-2016-11081

An issue was discovered in Mattermost Server before 2.2.0. It allows unintended access to information stored by a web browser...

CVE-2025-20289

Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...

EUVD-2021-0125

Malware in sbrugna...

EUVD-2025-24208

Malicious code in bioql PyPI...

CVE-2025-7746

CVE-2025-7746 is a Cross-site Scripting (CWE-79) vulnerability in Schneider Electric ATV series (e.g., ATV340E, ATV6000/ATV6x, ATS490 Soft Starter, and related Altivar Drive/Module products). The root cause is improper neutralization of input during web page generation, allowing unvalidated data ...

CVE-2025-20330

A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the...

CVE-2025-42948

Due to a Cross-Site Scripting XSS vulnerability in SAP NetWeaver ABAP Platform, an unauthenticated attacker could generate a malicious link and make it publicly accessible. If an authenticated user clicks on this link, the injected input is processed during the website�s page generation, resultin...

CVE-2025-42948

Due to a Cross-Site Scripting XSS vulnerability in SAP NetWeaver ABAP Platform, an unauthenticated attacker could generate a malicious link and make it publicly accessible. If an authenticated user clicks on this link, the injected input is processed during the website�s page generation, resultin...

CVE-2025-42948

CVE-2025-42948 describes a Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver ABAP Platform. An unauthenticated attacker can generate a malicious link that becomes publicly accessible; when an authenticated user clicks it, the injected input is processed during page generation, enabling ex...

PT-2025-32608 · Sap · Sap Netweaver/Abap Platform

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver ABAP Platform affected versions not specified Description: A Cross-Site Scripting XSS issue exists in SAP NetWeaver ABAP Platform. An unauthenticated attacker can create a malicious link and distribute it publicly. If an...

CVE-2024-20511

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user o...

Cisco Firepower Management Center 跨站脚本漏洞

Cisco Firepower Management Center FMC is a new generation of firewall management center software from Cisco. Cisco Firepower Management Center suffers from a cross-site scripting vulnerability that originates from the Web management interface not properly validating user-supplied input, which can...

Cisco Firepower Management Center 安全漏洞

Cisco Firepower Management Center FMC is a new generation of firewall management center software from Cisco. A cross-site scripting vulnerability exists in Cisco Firepower Management Center, which arises from insufficient validation of user-supplied input in the web management interface, and can ...