Cisco Identity Services Engine 跨站脚本漏洞

Cisco Identity Services Engine ISE is an environment-aware platform ISE Identity Services Engine from Cisco. The platform collects real-time information from the network, users, and devices to develop and implement policies to monitor the network. A cross-site scripting vulnerability exists in th...

PT-2022-6635 · Cisco · Cisco Identity Services Engine (Ise)

Name of the Vulnerable Software and Affected Versions: Cisco Identity Services Engine ISE Software affected versions not specified Description: The issue is related to insufficient input validation in the External RESTful Services ERS API, which could allow an authenticated, remote attacker to...

Racoon Stealer is Back — How to Protect Your Organization

The Racoon Stealer malware as a service platform gained notoriety several years ago for its ability to extract data that is stored within a Web browser. This data initially included passwords and cookies, which sometimes allow a recognized device to be authenticated without a password being...

CVE-2022-20916

A vulnerability in the web-based management interface of Cisco IoT Control Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly...

The vulnerability of microprogrammed software for PACsystems programmable logic controllers, related to data transmission between the browser and the PLC using the HTTP protocol, allows a intruder to gain unauthorized access to protected information.

The vulnerability of PACsystems programmable logic controllers’ microprogramming software is related to the transmission of data between the browser and the PLC using the HTTP protocol. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

CVE-2022-20666

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector CSPC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient...

Mattermost Server exposes information stored by a web browser

An issue was discovered in Mattermost Server before 2.2.0. It allows unintended access to information stored by a web browser...

GHSA-5Q37-9874-QXCW Mattermost Server exposes information stored by a web browser

An issue was discovered in Mattermost Server before 2.2.0. It allows unintended access to information stored by a web browser...

Cisco Common Services Platform Collector 跨站脚本漏洞

Cisco Common Services Platform Collector CSPC is a common services platform data collector from Cisco USA. The product analyzes network performance and identifies risks and vulnerabilities by polling basic inventory and configuration data from Cisco devices.Cisco Common Services Platform Collecto...

Cisco Common Services Platform Collector 跨站脚本漏洞

Cisco Common Services Platform Collector CSPC is a common services platform data collector from Cisco USA. The product analyzes network performance and identifies risks and vulnerabilities by polling basic inventory and configuration data from Cisco devices.Cisco Common Services Platform Collecto...

CVE-2022-20666

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector CSPC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient...

CVE-2022-20668

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector CSPC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient...

CVE-2022-20674

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector CSPC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient...

Cisco Enterprise Chat and Email 跨站脚本漏洞

Cisco Enterprise Chat and Email is a set of enterprise chat and email solutions from Cisco USA. Cisco Enterprise Chat and Email is a cross-site scripting vulnerability that could be exploited by attackers to execute arbitrary code in the context of the interface or access sensitive browser-based...

Cisco Common Services Platform Collector 跨站脚本漏洞

Cisco Common Services Platform Collector is a common services platform data collector from Cisco USA. The product analyzes network performance and identifies risks and vulnerabilities by polling basic inventory and configuration data from Cisco devices.Cisco Common Services Platform Collector is...

Cisco Common Services Platform Collector 跨站脚本漏洞

Cisco Common Services Platform Collector CSPC is a common services platform data collector from Cisco USA. The product analyzes network performance and identifies risks and vulnerabilities by polling basic inventory and configuration data from Cisco devices.Cisco Common Services Platform Collecto...

Cisco Common Services Platform Collector 跨站脚本漏洞

Cisco Common Services Platform Collector CSPC is a common services platform data collector from Cisco USA. The product analyzes network performance and identifies risks and vulnerabilities by polling basic inventory and configuration data from Cisco devices.Cisco Common Services Platform Collecto...

Black Duck Hub 跨站脚本漏洞

SYNOPSYS Black Duck Hub Open Hub is a web-based community platform from SYNOPSYS, Inc. It provides a suite of Web services. Black Duck Hub suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of user input by the MadCap Flare framework embedded in the he...

CVE-2022-20629

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation of...

Cisco Firepower Management Center 跨站脚本漏洞

A cross-site scripting vulnerability exists in Cisco Firepower Management Center FMC, a next-generation firewall management center software from Cisco. The vulnerability stems from a Web management interface that does not adequately authenticate user input. An authenticated remote attacker could...