237 matches found
Drupal core cross-site scripting vulnerability (CNVD-2020-65151)
Drupal core is a free, open source content management system developed in PHP by the Drupal community. A cross-site scripting vulnerability exists in Drupal core. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this...
Rukovoditel Cross-Site Scripting Vulnerability (CNVD-2020-52204)
Rukovoditel is a set of Web-based open source project management software from the Rukovoditel team. The software has project management , customer relationship management and other functions . A cross-site scripting vulnerability exists in Rukovoditel Project Managemen versions prior to 2.6, whi...
KaiOS Note Cross-Site Scripting Vulnerability
KaiOS is a Linux-based mobile operating system. A cross-site scripting vulnerability exists in KaiOS version 2.5. The vulnerability stems from the lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...
KaiOS Recorder Cross-Site Scripting Vulnerability
KaiOS is a Linux-based mobile operating system. A cross-site scripting vulnerability exists in KaiOS version 2.5. The vulnerability stems from the lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...
Microsoft SharePoint Cross-Site Scripting Vulnerability (CNVD-2020-63723)
Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A cross-site scriptin...
IBM WebSphere Cross-Site Scripting Vulnerability (CNVD-2021-10829)
IBM WebSphere Application Server WAS is an application server product from IBM in the United States. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. A cross-site scripting attack vulnerability exists in IBM WebSphere...
vBulletin Cross-Site Scripting Vulnerability
vBulletin is the United States InternetBrands and vBulletinSolutions, Inc. of a PHP and MySQL-based open source Web forum program . A cross-site scripting vulnerability exists in vBulletin version 5.x. The vulnerability stems from the lack of proper validation of client-side data by the WEB...
SOPlanning Cross-Site Scripting Vulnerability
SOPlanning is an online project management software. A cross-site scripting vulnerability exists in SOPlanning version 1.46.01. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this vulnerability to execute client-side co...
Jeedom Cross-Site Scripting Vulnerability
Jeedom is an open source home automation solution for the Internet of Things. A cross-site scripting vulnerability exists in Jeedom 4.0.38 and earlier versions. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the...
Plesk Onyx Cross-Site Scripting Vulnerability
Plesk Onyx is a hosting control panel from the Swiss company Plesk. A cross-site scripting vulnerability exists in Plesk Onyx version 17.8.11. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to execute...
Nagios Log Server Cross-Site Scripting Vulnerability (CNVD-2020-43761)
Nagios Log Server is a set of centralized log management, monitoring and analysis software from Nagios, Inc. A cross-site scripting vulnerability exists in Nagios Log Server versions prior to 2.1.7. The vulnerability stems from the lack of proper validation of client-side data by the WEB...
KonaWiki Cross-Site Scripting Vulnerability
KonaWiki is a lightweight Wiki system. The system is primarily used for writing manuscripts, keeping minutes and memos, etc. A cross-site scripting vulnerability exists in KonaWiki 2.2.0 and earlier versions. The vulnerability stems from the WEB application lacking proper validation of client-sid...
Elasticsearch Kibana Cross-Site Scripting Vulnerability (CNVD-2020-49490)
Elasticsearch Kibana is a suite of open source, browser-based analytics and search Elasticsearch dashboard tools from Elasticsearch Netherlands. A cross-site scripting vulnerability exists in Elasticsearch Kibana versions prior to 6.8.11 and prior to 7.8.1. The vulnerability stems from the WEB...
SilverStripe Cross-Site Scripting Vulnerability (CNVD-2020-42956)
SilverStripe is New Zealand SilverStripe company's set of open source programming framework and content management system CMS. The system has support for multiple languages , cross-platform and other features . Silverstripe 4.5 and previous versions of cross-site scripting vulnerability. The...
IBM Team Concert Cross-Site Scripting Vulnerability
IBM Team Concert RTC is a set of scalable team collaboration platform from IBM in the United States. The platform includes features such as task tracking, source code control, automated builds, change management, and agile planning and continuous builds. A cross-site scripting vulnerability exist...
TYPO3 ke_search extension cross-site scripting vulnerability
TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Association. kesearch extension is one of the search engine extensions. A cross-site scripting vulnerability exists in TYPO3 kesearch extension. The vulnerability stems from the WEB application lacking...
Victor CMS Cross-Site Scripting Vulnerability (CNVD-2020-61026)
Victor CMS is an open source content management system from Victor Alagwu Software Developers in Nigeria. A cross-site scripting vulnerability exists in Victor CMS 2019-02-28 and prior versions. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. A...
WordPress Vanguard Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.Vanguard is one of the freelance website theme plugins used in it. A cross-site scripting vulnerability exists in...
TileServer GL Cross-Site Scripting Vulnerability
TileServer GL is an open source map server for vector blocks from the MapTiler team. A cross-site scripting vulnerability exists in the server.js file in TileServer GL 3.0.0 and earlier versions. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. ...
webTareas Cross-Site Scripting Vulnerability
webTareas is a web-based open source collaboration tool. The product supports features such as project management, bug tracking, content management and meeting management. A cross-site scripting vulnerability exists in the loginForm in the general/login.php page in webTareas version 2.0p8. The...