GitLab Cross-Site Scripting Vulnerability (CNVD-2021-40769)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A cross-site scripting vulnerability exists in GitLab tha...

PageLayer Cross-Site Scripting Vulnerability

PageLayer is a WordPress page builder plugin. It is very easy to use and lightweight on the browser. A cross-site scripting vulnerability exists in PageLayer, which stems from a lack of proper validation of client-side data in PageLayer prior to 1.3.5. An attacker can exploit this vulnerability t...

PageLayer 跨站脚本漏洞

PageLayer is a WordPress page builder plugin. It is very easy to use and lightweight on the browser. A cross-site scripting vulnerability exists in PageLayer, which stems from a lack of proper validation of client-side data in PageLayer prior to 1.3.5. An attacker can exploit this vulnerability t...

WordPress plugin cross-site scripting vulnerability (CNVD-2021-41081)

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in the...

noobaa-core cross-site scripting vulnerability

noobaa-core is the application that provides an S3 object storage interface with flexible tiering, mirroring, and distributed placement policies for any storage resource that allows GET/PUT, including S3, GCS, Azure Blob File System, and more. A cross-site scripting vulnerability exists in...

nooba -core 跨站脚本漏洞

noobaa-core is the application that provides an S3 object storage interface with flexible tiering, mirroring, and distributed placement policies for any storage resource that allows GET/PUT, including S3, GCS, Azure Blob File System, and more. A cross-site scripting vulnerability exists in...

CHIYU科技BF-630W 跨站脚本漏洞

BF-630W is a web-based fingerprint-secured single-door biometric reader controller from CHIYU Technology CHIYU Technology suffers from a cross-site scripting vulnerability that stems from an unauthenticated XSS vulnerability in several CHIYU Technology IoT devices, including BF-630, BF-450M,...

Apple Safari 跨站脚本漏洞

Apple Safari is a web browser from Apple, Inc. and is the default browser that comes with Mac OS X and iOS operating systems. A cross-site scripting vulnerability exists in Apple Safari. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attack...

JetBrains TeamCity Cross-Site Scripting Vulnerability (CNVD-2021-35241)

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A cross-site scripting vulnerability exists in...

StackLift LocalStack Cross-Site Scripting Vulnerability

StackLift LocalStack is a StackLift open source application. Provides an easy-to-use testing framework for cloud applications. A cross-site scripting vulnerability exists in StackLift LocalStack version 0.12.6, which stems from a lack of proper validation of client-side data by the WEB applicatio...

Jetbrains JetBrains TeamCity 跨站脚本漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A cross-site scripting vulnerability exists in...

CVE-2021-22195

CVE-2021-22195 affects the GitLab VSCode extension (gitlab-vscode-extension) v3.15.0 and earlier. It enables client-side code execution, allowing an attacker to run code on the user’s system. The connected documents corroborate vulnerable component and impact but do not provide exploit steps, spe...

CVE-2021-22195

Client side code execution in gitlab-vscode-extension v3.15.0 and earlier allows attacker to execute code on user system...

Wordpress Tips and Tricks HQ All In One WP Security & Firewal plugin Cross Site Scripting Vulnerability

WordPress is a blogging platform developed by the WordPress Wordpress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. all-in-one-wp-security-and-firewall is a website security plugin used in it. A cross-site scripting vulnerability exists in...

Atlassian Jira Server and Data Center Cross-Site Scripting Vulnerability

Atlassian JIRA Server and Atlassian JIRA Data Center are both products of Atlassian Australia.Atlassian JIRA Server is a server version of a defect tracking management system. Atlassian JIRA Data Center is the data center version of Atlassian JIRA. validation, an attacker could exploit the...

Henriquedornas Cross-Site Scripting Vulnerability

Henriquedornas is a web framework from Henriquedornas Brazil. Provides a framework for building websites. A cross-site scripting vulnerability exists in Henriquedornas that stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this vulnerabilit...

Micro Focus Solutions Business Manager Cross-Site Scripting Vulnerability (CNVD-2021-17221)

Micro Focus Solutions Business Manager SBM, Serena Business Manager is a suite of business process automation management solutions from Micro Focus UK. The product is mainly used for process automation, including software development lifecycle and IT business process management. A cross-site...

F5 BIG-IP AFM Cross-Site Scripting Vulnerability (CNVD-2021-13213)

F5 BIG-IP AFM is an advanced firewall product from F5 USA for protection against DDos attacks. A cross-site scripting vulnerability exists in BIG-IP AFM, which originates from the lack of proper validation of client data by a WEB application. An attacker can exploit this vulnerability to execute...

BIG-IP cross-site scripting vulnerability (CNVD-2021-13214)

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A cross-site scripting vulnerability exists in BIG-IP, which stems from the lack of proper validation of client-side data by t...

Horde Groupware Webmail Cross-Site Scripting Vulnerability (CNVD-2021-14154)

Horde Groupware Webmail is a browser-based, enterprise-class communications suite from Horde, Inc. A cross-site scripting vulnerability exists in Horde Groupware Webmail Edition, which stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this...