237 matches found
Mattermost Server Cross-Site Scripting Vulnerability (CNVD-2020-35333)
Mattermost Server is the United States Mattermost company's set of open source messaging platform. A cross-site scripting vulnerability exists in Mattermost Server versions prior to 2.2.0. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An...
WordPress wpForo Forum plugin cross-site scripting vulnerability
WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. wpForo Forum plugin is a forum plugin used in it. A cross-site scripting vulnerability exists in WordPress wpForo Forum...
WordPress wpForo Forum plugin cross-site scripting vulnerability (CNVD-2021-24375)
WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. wpForo Forum plugin is a forum plugin used in it. A cross-site scripting vulnerability exists in WordPress wpForo Forum...
Micro Focus ArcSight Management Center Cross-Site Scripting Vulnerability (CNVD-2020-34713)
Micro Focus ArcSight Management Center ArcMC is a security management center from Micro Focus UK that centrally manages ArcSight e.g. HPArcSightLogger, etc. deployments through a unified interface. A cross-site scripting vulnerability exists in Micro Focus ArcSight Management Center. The...
Pixel & Tonic Craft CMS Comments plugin cross-site scripting vulnerability
Pixel & Tonic Craft CMS is the U.S. Pixel & Tonic company's set of content management system CMS. Comments plugin is one of the code comment generation plugin. A cross-site scripting vulnerability exists in the Pixel & Tonic Craft CMS Comments plugin. The vulnerability stems from a lack of proper...
IBM Security Guardium Cross-Site Scripting Vulnerability (CNVD-2020-32644)
IBM Security Guardium is a suite of platforms from IBM in the United States that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. A cross-site scripting vulnerability exists in IBM Security Guardium...
Grafana Cross-Site Scripting Vulnerability (CNVD-2020-31669)
Grafana is a set of open source monitoring tools from Grafana Labs that provide a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. Grafana suffers from a cross-site scripting vulnerability. The vulnerability stems fro...
ocProducts Composr CMS Cross-Site Scripting Vulnerability
ocProducts Composr CMS is the UK ocProducts company's set of open source content management system CMS written in PHP language . A cross-site scripting vulnerability exists in ocProducts Composr CMS version 10.0.30. The vulnerability stems from a lack of proper validation of client-side data by t...
jQuery cross-site scripting vulnerability (CNVD-2021-28270)
jQuery is the United States John Resig programmer of a set of open source , cross-browser JavaScript library . The library simplifies the operation between HTML and JavaScript , and has a modular , plug-in extensions and other features . A cross-site scripting vulnerability exists in versions of...
Estsoft ALSong Cross-Site Scripting Vulnerability
Eastsoft ALSong is a music player from the Korean company Eastsoft. A cross-site scripting vulnerability exists in Eastsoft ALSong 3.46 and earlier versions, which stems from a lack of proper validation of client-side data by the WEB application and can be exploited by an attacker to execute...
TYPO3 SVG Sanitizer Component Cross-Site Scripting Vulnerability
TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Association. A cross-site scripting vulnerability exists in the SVG Sanitizer component in TYPO3 1.0.2 and earlier versions. The vulnerability stems from a lack of proper validation of client-side data ...
UliCMS Cross-Site Scripting Vulnerability (CNVD-2020-35501)
UliCMS is an open source content management system CMS. The system supports features such as access control and WYSIWYG editing. A cross-site scripting vulnerability exists in UliCMS versions prior to 2020.2. The vulnerability stems from a lack of proper validation of client-side data by the WEB...
Dell EMC RSA Archer Cross-Site Scripting Vulnerability
Dell EMC RSA Archer is an enterprise IT governance and compliance governance product from Dell USA. The product enables the development of eGRC programs for managing enterprise risk, automating business processes, and more. A cross-site scripting vulnerability exists in versions prior to Dell EMC...
Grafana Cross-Site Scripting Vulnerability (CNVD-2020-31592)
Grafana is a set of open source monitoring tools from Grafana Labs that provide a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. A cross-site scripting vulnerability exists in Grafana versions prior to 6.7.3. The...
Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2021-59152)
NETGEAR M4300-28G and others are a managed switch from NETGEAR, Inc. A cross-site scripting vulnerability exists in several NETGEAR products. The vulnerability stems from the lack of proper validation of client-side data by the WEB application. An attacker could exploit the vulnerability to execu...
Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2021-59153)
NETGEAR M4300-28G and others are a managed switch from NETGEAR, Inc. A cross-site scripting vulnerability exists in several NETGEAR products. The vulnerability stems from the lack of proper validation of client-side data by the WEB application. An attacker could exploit the vulnerability to execu...
bitcoin-abe Cross-Site Scripting Vulnerability
bitcoin-abe is a blockchain browser. The product is able to read bitcoin block files and it supports converting and loading data into a database. A cross-site scripting vulnerability exists in the call in the abe.py file in bitcoin-abe versions 0.7.2 and earlier and 0.8pre and earlier. The...
Tenable Network Security Tenable.Sc Cross-Site Scripting Vulnerability
Tenable Network Security Tenable.Sc is a vulnerability analysis solution from Tenable Network Security, USA. The product supports real-time vulnerability assessment and management, among other things. A cross-site scripting vulnerability exists in Tenable Network Security Tenable.Sc versions prio...
NETGEAR WAC510 Cross-Site Scripting Vulnerability
The NETGEAR WAC510 is a wireless access point AP from NETGEAR. A cross-site scripting vulnerability exists in the NETGEAR WAC510 prior to version 8.0.1.3, which stems from a lack of proper validation of client-side data by the WEB application and can be exploited by an attacker to execute...
NETGEAR R9000 Cross-Site Scripting Vulnerability
The NETGEAR R9000 is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in the NETGEAR R9000 prior to version 1.0.4.26, which stems from a lack of proper validation of client-side data by the WEB application and can be exploited by an attacker to execute client-side code...