Ignite Realtime Openfire Cross-Site Scripting Vulnerability (CNVD-2020-01242)

Ignite Realtime Openfire is the Ignite Realtime community of a Java development and based on XMPP formerly known as Jabber, Instant Messaging Protocol cross-platform open source real-time collaboration RTC server , it can build a highly efficient instant messaging server , and supports tens of...

Juniper Networks Junos OS Cross-Site Scripting Vulnerability (CNVD-2020-03713)

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. A cross-site scripting vulnerability exists in J-Web in Juniper Networks Junos OS, which arises from a lack of proper...

Ignite Realtime Openfire Cross-Site Scripting Vulnerability (CNVD-2020-01244)

Ignite Realtime Openfire is the Ignite Realtime community of a Java development and based on XMPP formerly known as Jabber, Instant Messaging Protocol cross-platform open source real-time collaboration RTC server , it can build a highly efficient instant messaging server , and supports tens of...

Electronic Logbook (ELOG) Cross-Site Scripting Vulnerability

ELOG is a web application written in C for creating personal and general logs. A cross-site scripting vulnerability exists in ELOG version 3.1.4. The vulnerability stems from the WEB application's lack of proper validation of client-side data. An attacker can exploit the vulnerability to execute...

Ignite Realtime Openfire Cross-Site Scripting Vulnerability (CNVD-2020-01243)

Ignite Realtime Openfire is the Ignite Realtime community of a Java development and based on XMPP formerly known as Jabber, Instant Messaging Protocol cross-platform open source real-time collaboration RTC server , it can build a highly efficient instant messaging server , and supports tens of...

seeftl cross-site scripting vulnerability

seeftl is a static server for previewing ftl files. A cross-site scripting vulnerability exists in seefl version 0.1.1. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...

Mozilla Firefox and Mozilla Firefox ESR Cross-Site Scripting Vulnerability (CNVD-2020-01175)

Mozilla Firefox and Mozilla Firefox ESR are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser. A cross-site scripting vulnerability exists in Mozilla Firefox ESR versions prio...

IceWarp WebMail Server Cross-Site Scripting Vulnerability

IceWarp WebMail Server is a Web-based mail server product from the U.S. company IceWarp. The product supports email archiving, SmartAttach attachments, automatic migration and more. A cross-site scripting vulnerability exists in IceWarp WebMail Server version 12.2.0 and version 12.1.x prior to...

GitLab Cross-Site Scripting Vulnerability (CNVD-2020-01236)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A cross-site scripting vulnerability exists in GitLab. Th...

OX App Suite Cross-Site Scripting Vulnerability (CNVD-2020-03028)

Open-Xchange OX App Suite is a set of Web-based cloud desktop environments from Open-Xchange USA. The environment allows users to manage email, tasks, files, etc. more intuitively. A cross-site scripting vulnerability exists in Open-Xchange App Suite 7.10.2 and prior versions. The vulnerability...

Support Incident Tracker Cross-Site Scripting Vulnerability (CNVD-2020-04725)

Support Incident Tracker SiT! is a PHP and MySQL based technical support phone/email tracking system. A cross-site scripting vulnerability exists in the Load Plugins field of the config.php page in version 3.67 of SiT! The vulnerability stems from a lack of proper validation of client-side data i...

WordPress Easy Career Openings Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Easy Career Openings is a plugin for job search and recruitment sites. A cross-site scripting vulnerability exists in WordPress Easy...

ZenPhoto cross-site scripting vulnerability (CNVD-2020-03822)

ZenPhoto is a free content management system for photo libraries. The system manages images and supports multimedia such as audio and video. A cross-site scripting vulnerability exists in the 'sanitizestring' function in versions of Zenphoto prior to 1.4.9, which stems from a lack of proper...

WordPress Laborator Neon theme cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Laborator Neon theme is used in one of the back-end website management theme plugin. A cross-site scripting vulnerability exists in...

WordPress ListingPro theme cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.ListingPro theme is a directory website theme plugin used in it. A cross-site scripting vulnerability exists in WordPress...

WordPress ListingPro theme cross-site scripting vulnerability (CNVD-2020-01194)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.ListingPro theme is a directory website theme plugin used in it. A cross-site scripting vulnerability exists in WordPress...

WSO2 Identity Server Cross-Site Scripting Vulnerability (CNVD-2020-02585)

WSO2 Identity Server IS is an identity server from the American company WSO2. A cross-site scripting vulnerability exists in WSO2 IS version 5.7.0. The vulnerability stems from the lack of proper validation of client data by the WEB application. An attacker can exploit the vulnerability to execut...

Red Hat Keycloak Cross-Site Scripting Vulnerability (CNVD-2020-01944)

Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. A cross-site scripting vulnerability exists in the login-status-iframe.html page in Red Hat Keycloak, which stems from a lack of proper...

phpMyChat-Plus Cross-Site Scripting Vulnerability

phpMyChat-Plus is a chat room system based on PHP and MySQL. A cross-site scripting vulnerability exists in phpMyChat-Plus version 1.98. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute...

D-Link DIR-615 Cross-Site Scripting Vulnerability (CNVD-2020-02707)

The D-Link DIR-615 is a wireless router from AUO D-Link of Taiwan, China. A cross-site scripting vulnerability exists in the user account configuration page in the D-Link DIR-615. The vulnerability stems from a lack of proper validation of client data by the WEB application. An attacker can explo...