SolarWinds Serv-U File Server Cross-Site Scripting Vulnerability (CNVD-2020-51523)
SolarWinds Serv-U File Server is a file transfer server from SolarWinds USA. A cross-site scripting vulnerability exists in SolarWinds Serv-U File Server versions prior to 15.2.1. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can...
HCL AppScan Cross-Site Scripting Vulnerability
HCL AppScan is a suite of dynamic analysis testing tools from HCL India, which is primarily used for web security testing. A cross-site scripting vulnerability exists in HCL AppScan Enterprise Edition version 10.0.0 and earlier. The vulnerability stems from the lack of proper validation of...
Froala WYSIWYG HTML Editor Cross-Site Scripting Vulnerability
Froala WYSIWYG HTML Editor is a web-based WYSIWYG rich text editor from the U.S. company Froala. A cross-site scripting vulnerability exists in Froala WYSIWYG HTML Editor versions 3.0.6 through 3.1.1. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. A...
Roundcube Webmail Cross-Site Scripting Vulnerability (CNVD-2021-17781)
Roundcube Webmail is an open source browser-based IMAP client that supports address book management, message searching, spell checking and more. A cross-site scripting vulnerability exists in Roundcube Webmail versions prior to 1.2.11, 1.3.x prior to 1.3.14 and 1.4.x prior to 1.4.7. The...
jsPDF cross-site scripting vulnerability
jsPDF is a JavaScript-based PDF document generation library. A cross-site scripting vulnerability exists in all versions of jsPDF. The vulnerability stems from the lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to execute client-si...
Red Hat Keycloak Cross-Site Scripting Vulnerability (CNVD-2021-17784)
Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. A cross-site scripting vulnerability exists in Red Hat Keycloak. The vulnerability stems from a lack of proper authentication of client-side da...
Atlassian JIRA Server and Data Center Cross-Site Scripting Vulnerability (CNVD-2021-36601)
Atlassian JIRA Server and Atlassian JIRA Data Center are both products of the Australian company Atlassian. Atlassian JIRA Server is a server version of a defect tracking management system. The system is mainly used to track and manage all kinds of issues and defects in the...
Atlassian Jira Service Desk Server and Data Center Cross-Site Scripting Vulnerability
Atlassian Jira Service Desk Server and Atlassian Jira Service Desk Data Center are both products of Atlassian Australia. Atlassian Jira Service Desk Server is the server version of an IT service desk and request tracking...
Adobe Magento WebForms Pro M2 Cross-Site Scripting Vulnerability
Adobe Magento is an open source PHP e-commerce system from the U.S. company Adobe. The system provides rights management, search engines, payment gateways, etc. WebForms Pro M2 is a form-building extension used in it. Adobe Magento 2 in the WebForms Pro M2 version...
Adobe Magento Form Builder Cross-Site Scripting Vulnerability
Adobe Magento is an open source PHP e-commerce system from the U.S. company Adobe. The system provides rights management, search engines, payment gateways and other features. Form Builder is a form-building extension used in it. Adobe Magento in the Form Builder...
WordPress Nexos theme cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. Nexos theme is a real estate website theme plugin used in it. A cross-site scripting vulnerability exists in WordPress Nexos...
Rapid7 Metasploit Pro Cross-Site Scripting Vulnerability (CNVD-2021-39049)
Rapid7 Metasploit Pro is a suite of penetration testing software from the US company Rapid7. A cross-site scripting vulnerability exists in Rapid7 Metasploit Pro. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this...
SolarWinds Orion Platform Cross-Site Scripting Vulnerability
SolarWinds Orion Platform is a network fault and network performance management platform from SolarWinds, Inc. The platform provides real-time monitoring and analysis of network devices and supports a customizable web interface, multiple user opinions, and a mapped view of the entire network. A...
Rapid7 Metasploit Pro Cross-Site Scripting Vulnerability
Rapid7 Metasploit Pro is a suite of penetration testing software from the US company Rapid7. A cross-site scripting vulnerability exists in Rapid7 Metasploit Pro. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this...
Paessler PRTG Network Monitor Cross-Site Scripting Vulnerability (CNVD-2020-52850)
Paessler PRTG Network Monitor is a full-featured network monitoring and management software from Paessler, Germany. A cross-site scripting vulnerability exists in Paessler PRTG Network Monitor version 20.1.56.1574. The vulnerability stems from the lack of proper validation of client-side data by...
Global RADAR BSA Radar Cross-Site Scripting Vulnerability
Global RADAR BSA Radar is a suite of anti-money laundering (AML) solutions for the financial sector from US-based Global RADAR. A cross-site scripting vulnerability exists in the 'Firstname' and 'Lastname' parameters in Global RADAR BSA Radar 1.6.7234.24750 and earlier versions. The vulnerability...
Kordil EDMS Cross-Site Scripting Vulnerability
Kordil EDMS is an open source electronic document management system from the Turkish company Kordil. The system supports features such as document management and document control. A cross-site scripting vulnerability exists in the usersedit.php file, usersmanagementedit.php file, and...
CVE-2020-13279
Client side code execution in gitlab-vscode-extension v2.2.0 allows attacker to execute code on user system...
Mattermost Server Cross-Site Scripting Vulnerability (CNVD-2020-48229)
Mattermost Server is an open source messaging platform from the U.S. company Mattermost. A cross-site scripting vulnerability exists in Mattermost Server versions prior to 4.3.0, prior to 4.2.1, and prior to 4.1.2. The vulnerability stems from a lack of proper validation of client data ...