CVE-2023-49111

CVE-2023-49111 describes an unauthenticated reflected cross-site scripting vulnerability in Kiuwan SAST deployments with SSO enabled. The issue arises because the login page’s JavaScript block directly includes the request parameter “message,” enabling an attacker to inject script via the paramet...

NCH Axon PBX Cross-Site Scripting Vulnerability (CNVD-2021-55885)

NCH Axon PBX is a set of virtual telephone switch software used in business environments. The software is primarily used to manage telephone call centers and implements the functionality of a telephone switch in software.A cross-site scripting vulnerability exists in NCH Axon PBX, which stems fro...

NCH Axon PBX Cross-Site Scripting Vulnerability (CNVD-2021-55884)

NCH Axon PBX is a virtual phone switch software used in business environments. A cross-site scripting vulnerability exists in NCH Axon PBX, which stems from the failure of the product's primary phone to properly filter incoming data for special characters, which can be exploited to execute...

D-Link 6600-AP XSS / DoS / Information Disclosure

Security Advisory - 22/07/2019 Multiple vulnerabilities found in the D-Link 6600-AP device running the latest firmware version 4.2.0.14. D-Link 6600-AP is not produced anymore but the support is still provided by D-Link as per described on the D-Link website. Not that this product is built for...