493 matches found
JetBrains YouTrack has an unspecified vulnerability (CNVD-2021-91663)
JetBrains YouTrack is a browser-based bug tracking and project management software from JetBrains Czech Republic. JetBrains YouTrack Mobile 2021.2 previously had a security vulnerability that stemmed from a client-side cache on iOS that could contain sensitive information. An attacker could use...
JetBrains YouTrack Security Vulnerability
JetBrains YouTrack is a browser-based bug tracking and project management software from JetBrains Czech Republic. The software has features such as bug tracking, creating workflows, and monitoring project progress. JetBrains YouTrack Mobile 2021.2 previously had a security vulnerability that stemm...
JetBrains YouTrack Injection Vulnerability
JetBrains YouTrack is a browser-based bug tracking and project management software from JetBrains Czech Republic. The software has features such as bug tracking, creating workflows, and monitoring project progress. JetBrains YouTrack is vulnerable to an injection vulnerability that stems from...
Cisco ASA and FTD Cross-Site Scripting (XSS) Vulnerability
Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a vulnerability caused by insufficient validation of user-supplied input by the web services interface. Successful exploitation could allow an attacker to perform cross-site scripting (XSS) in the context of the interface ...
CVE-2021-41878
A reflected cross-site scripting (XSS) vulnerability exists in the i-Panel Administration System Version 2.0 that enables a remote attacker to execute arbitrary JavaScript code in the browser-based web console and it is possible to insert a vulnerable malicious button...
Cross site scripting
A reflected cross-site scripting (XSS) vulnerability exists in the i-Panel Administration System Version 2.0 that enables a remote attacker to execute arbitrary JavaScript code in the browser-based web console and it is possible to insert a vulnerable malicious button...
i-Panel Administration System Cross-Site Scripting Vulnerability
The i-Panel Administration System is a management system. A cross-site scripting vulnerability exists in i-Panel Administration System version 2.0, which can be exploited by a remote attacker to execute arbitrary JavaScript code in a browser-based web console...
Cisco Application Policy Infrastructure Controller Cross-Site Scripting Vulnerability (CNVD-2021-68730)
Cisco Application Policy Infrastructure Controller (APIC) is an automated infrastructure deployment and governance solution from Cisco USA. The controller's web UI contains a stored cross-site scripting vulnerability, which can be exploited by an attacker to execute arbitrary script code or access...
Cross-Site Request Forgery (CSRF) in namelessmc/nameless
Description: An attacker is able to leave any user message with a CSRF attack. It does not matter at all whether your application runs on localhost or elsewhere; it is enough that it runs in a browser and that another low-privilege user or an attacker knows the IP address or hostname of your application. In CSRF...
Cross-Site Request Forgery (CSRF) in neorazorx/facturascripts
Description: An attacker is able to delete any number of Agents with a CSRF attack. It does not matter at all whether your application runs on localhost or elsewhere; it is enough that it runs in a browser and that another low-privilege user or an attacker knows the IP address or hostname of your application. In CSR...
Cross-Site Request Forgery (CSRF) in admidio/admidio
Description: An attacker is able to delete any album of a user with a CSRF attack. It does not matter at all whether your application runs on localhost or elsewhere; it is enough that it runs in a browser and that another low-privilege user or an attacker knows the IP address or hostname of your application. In CSRF...
JetBrains YouTrack Security Feature Issue Vulnerability
JetBrains YouTrack is a browser-based bug tracking and project management software from JetBrains Czech Republic. JetBrains YouTrack has a security feature issue that could be exploited by remote attackers to access sensitive information...
JetBrains YouTrack Elevation of Privilege Vulnerability
JetBrains YouTrack is a browser-based bug tracking and project management software from JetBrains Czech Republic. JetBrains YouTrack has an elevation of privilege vulnerability that could be exploited by an attacker to bypass implemented security restrictions and elevate privileges on the system...
Advantech WebAccess/SCADA Path Traversal Vulnerability (CNVD-2021-59235)
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, Taiwan, China. A path traversal vulnerability exists in Advantech WebAccess/SCADA, which stems from the product's failure to add access rights to input data. An attacker could use the vulnerability ...
Advantech WebAccess/SCADA Cross-Site Scripting Vulnerability (CNVD-2021-59236)
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, Taiwan, China. A cross-site scripting vulnerability exists in Advantech WebAccess/SCADA, which originates from UserExcelOut.asp failing to properly validate the correctness of user data. The...
Cross-Site Request Forgery (CSRF) in glpi-project/glpi
Description: An attacker is able to change any task state from changes/tickets/problems with a CSRF attack because there is not any CSRF protection for the related endpoint. It does not matter at all whether your application runs on localhost or elsewhere; it is enough that it runs in a browser and another low...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Virtualized Voice Browser could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not...
Cisco Identity Services Engine stored cross-site scripting vulnerability (CNVD-2021-50083)
Cisco Identity Services Engine (ISE) is a next-generation identity and access control policy platform that enables organizations to enforce compliance, enhance infrastructure security, and streamline their service operations. A stored cross-site scripting vulnerability exists in the Web management...
White Shark System Information Disclosure Vulnerability
White Shark System (WSS) is a browser-based collaboration platform that integrates Project Management, Task Management, Work Management and Work Log Management. A website physical path disclosure vulnerability exis...
Opentext OpenText Brava! Buffer Error Vulnerability
OpenText Brava! Desktop is a browser-based universal document viewer from OpenText Canada. The product supports viewing, annotating and editing many types of documents. A security vulnerability exists in OpenText Brava! Desktop that stems from the program's lack of proper validation of...