CKEditor cross-site scripting vulnerability (CNVD-2021-92475)

CKEditor is an open source, web-based text editor. CKEditor suffers from a cross-site scripting vulnerability, which stems from the product's failure to effectively filter special characters in input data. An attacker can execute client-side code through this vulnerability...

CKEditor 跨站脚本漏洞

CKEditor is an open source, web-based text editor. CKEditor suffers from a cross-site scripting vulnerability, which stems from the product's failure to effectively filter special characters in input data. An attacker can execute client-side code through this vulnerability...

Kirby Cross-Site Scripting Vulnerability (CNVD-2021-95257)

Kirby is a file-based content management system CMS. Kirby suffers from a cross-site scripting vulnerability that stems from the product's failure to validate input data, which could be exploited by attackers to execute client-side code...

Kirby Cross-Site Scripting Vulnerability (CNVD-2021-95256)

Kirby is a file-based content management system CMS. Kirby suffers from a cross-site scripting vulnerability that stems from the product's failure to validate input data, which could be exploited by attackers to execute client-side code...

Kirby 跨站脚本漏洞

Kirby is a file-based content management system CMS. Kirby suffers from a cross-site scripting vulnerability that stems from the product's failure to validate input data, which could be exploited by attackers to execute client-side code...

Kirby 跨站脚本漏洞

Kirby is a file-based content management system CMS. Kirby suffers from a cross-site scripting vulnerability that stems from the product's failure to validate input data, which could be exploited by attackers to execute client-side code...

JetBrains YouTrack Cross-Site Scripting Vulnerability (CNVD-2021-91660)

JetBrains YouTrack, a browser-based bug tracking and project management software from JetBrains Czech Republic, is vulnerable to a cross-site scripting vulnerability in versions prior to JetBrains YouTrack 2021.3.24402. The vulnerability stems from the lack of proper validation of client-side dat...

SEO Panel 跨站脚本漏洞

SEO Panel is an open source panel for managing SEO Search Engine Optimization on websites. A security vulnerability exists in SEO Panel that stems from multiple cross-site scripting XSS vulnerabilities in SEO Panel v4.8.0. An attacker can exploit the vulnerabilities to execute client-side code...

Fortinet FortiAnalyzer Cross-Site Scripting Vulnerability (CNVD-2021-84244)

Fortinet FortiAnalyzer is a set of centralized network security reporting solutions from the U.S. company Fiat Fortinet. The product is mainly used to collect network log data, and through the reporting suite of security events in the log, network traffic, Web content, etc. to analyze, report,...

GitLab 跨站脚本漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. GitLab suffers from a cross-site scripting vulnerability that stems from the la...

ElkarBackup 跨站脚本漏洞

ElkarBackup is an open source backup product based on RSync/RSnapshot technology to backup data on windows/linux platforms. ElkarBackup cross-site scripting vulnerability , the vulnerability stems from the lack of WEB applications on the client data correctly validated . An attacker can exploit...

Fortinet FortiAnalyzer 跨站脚本漏洞

Fortinet FortiAnalyzer is a set of centralized network security reporting solutions from the U.S. company Fiat Fortinet. The product is mainly used to collect network log data, and through the reporting suite of security events in the log, network traffic, Web content, etc. to analyze, report,...

Pi-hole 跨站脚本漏洞

Pi-hole is a web-grade ad-blocking application from Pi-hole, Inc. Pi-hole suffers from a cross-site scripting vulnerability that stems from the WEB application's lack of proper validation of client-side data. An attacker can exploit this vulnerability to execute client-side code...

Tibco Software TIBCO Nimbus 跨站脚本漏洞

Tibco Software TIBCO Nimbus is a business application for process documentation from Tibco Software, USA. A cross-site scripting vulnerability exists in TIBCO Nimbus, which stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this vulnerabilit...

Alfresco Cross-Site Scripting Vulnerability (CNVD-2021-83570)

Alfresco is an open source enterprise content management system. The platform page using Freemarker development , the main features include document management , collaboration , records management , knowledge base management , Web content management and so on. Alfresco has a security vulnerabilit...

Snipe-IT Cross-Site Scripting Vulnerability (CNVD-2022-19845)

Snipe-IT is an open source IT asset/license management system. snipe-IT has a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data in the WEB application, which can be exploited by attackers to execute client-side code...

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports personal blog sites on servers running PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin Ivory Search, which stems from the lack ...

Trane Tracer SC 跨站脚本漏洞

Trane Tracer SC is an intelligent field panel from Trane Australia that communicates with unit controllers LON or BACnet to provide independent control of HVAC equipment. A cross-site scripting vulnerability exists in Trane Tracer SC. The vulnerability stems from a lack of proper validation of...

myfactory.FMS 跨站脚本漏洞

myfactory.FMS is a transaction management system. A cross-site scripting vulnerability exists in Myfactory.FMS that stems from the product's Error parameter failing to properly validate user input data. The vulnerability can be exploited to execute client-side code. The following products and...

Adobe Campaign Classic 跨站脚本漏洞

Adobe Campaign Classic ACC is a suite of cross-channel customer experience marketing platforms from the American company Audobee Adobe. The platform features real-time interaction management, Adobe Experience Cloud integration, data management and integration. A cross-site scripting vulnerability...