Lucene search
K

58 matches found

Prion
Prion
added 2024/03/01 2:15 p.m.19 views

Cross site scripting

Dell Secure Connect Gateway SCG Policy Manager, all versions, contains a Stored Cross-Site Scripting Vulnerability. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data...

3.4CVSS6.1AI score0.00431EPSS
Exploits0References1
Prion
Prion
added 2024/03/01 2:15 p.m.19 views

Cross site scripting

Dell Secure Connect Gateway SCG Policy Manager, all versions, contains a Stored Cross-Site Scripting Vulnerability. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data...

3.4CVSS6.1AI score0.00431EPSS
Exploits0References1
Prion
Prion
added 2024/03/01 2:15 p.m.26 views

Cross site scripting

Dell Secure Connect Gateway SCG Policy Manager, all versions, contains a Stored Cross-Site Scripting Vulnerability in the Filters page. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a...

3.4CVSS6.2AI score0.00422EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/01 1:24 p.m.23 views

CVE-2024-24904

Dell Secure Connect Gateway SCG Policy Manager, all versions, contains a Stored Cross-Site Scripting Vulnerability. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data...

7.6CVSS6.7AI score0.00431EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/01 1:19 p.m.20 views

CVE-2024-24905

Dell Secure Connect Gateway SCG Policy Manager, all versions, contains a Stored Cross-Site Scripting Vulnerability. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data...

7.6CVSS5.8AI score0.00431EPSS
Exploits0References1
CVE
CVE
added 2024/03/01 1:19 p.m.91 views

CVE-2024-24905

Dell Secure Connect Gateway (SCG) Policy Manager (all versions) is affected by a Stored Cross-Site Scripting (XSS) vulnerability in the inclusion store. An adjacent-network, high-privileged attacker could store malicious HTML/JavaScript, which executes in a victim’s browser in the context of the ...

7.6CVSS6.5AI score0.00431EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/03/01 1:15 p.m.20 views

CVE-2024-24906

Dell Secure Connect Gateway SCG Policy Manager, all versions, contains a Stored Cross-Site Scripting Vulnerability in Policy page. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted...

7.6CVSS6.7AI score0.00422EPSS
Exploits0References1
Prion
Prion
added 2024/03/01 1:15 p.m.12 views

Cross site scripting

Dell Secure Connect Gateway SCG Policy Manager, all versions, contains a Stored Cross-Site Scripting Vulnerability in Policy page. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted...

3.4CVSS6.2AI score0.00422EPSS
Exploits0References1
CVE
CVE
added 2024/03/01 1:14 p.m.89 views

CVE-2024-24907

Dell Secure Connect Gateway (SCG) Policy Manager is affected by a Stored Cross-Site Scripting vulnerability in the Filters page across all versions. The root cause is improper handling/storage of user-supplied data in the data store, allowing an adjacent, high-privilege attacker to inject HTML/Ja...

7.6CVSS6.5AI score0.00422EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/03/01 1:14 p.m.26 views

CVE-2024-24907

Dell Secure Connect Gateway SCG Policy Manager, all versions, contains a Stored Cross-Site Scripting Vulnerability in the Filters page. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a...

7.6CVSS6.8AI score0.00422EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/01 1:6 p.m.22 views

CVE-2024-24906

Dell Secure Connect Gateway SCG Policy Manager, all versions, contains a Stored Cross-Site Scripting Vulnerability in Policy page. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted...

7.6CVSS6.8AI score0.00422EPSS
Exploits0References1
NVD
NVD
added 2023/12/14 4:15 p.m.23 views

CVE-2023-44286

Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a DOM-based Cross-Site Scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the injection of malicious HTML or JavaScript code to a...

8.8CVSS0.00757EPSS
Exploits0References1
Prion
Prion
added 2023/12/14 4:15 p.m.16 views

Cross site scripting

Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a DOM-based Cross-Site Scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the injection of malicious HTML or JavaScript code to a...

5.8CVSS6.8AI score0.00757EPSS
Exploits0References1Affected Software5
CVE
CVE
added 2023/12/14 3:35 p.m.37 views

CVE-2023-44286

Dell PowerProtect DD is affected by a DOM-based Cross-Site Scripting vulnerability (CVE-2023-44286) in multiple versions: pre-7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, and 6.2.1.110. The root cause is a DOM-based XSS that allows a remote unauthenticated attacker to inject malicious HTML/JavaScript ...

8.8CVSS6.3AI score0.00757EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/04 8:40 a.m.21 views

CVE-2023-44301

Dell DM5500 5.14.0.0 and prior contain a Reflected Cross-Site Scripting Vulnerability. A network attacker with low privileges could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable...

5.4CVSS5.7AI score0.00477EPSS
Exploits0References1
NVD
NVD
added 2023/10/19 11:15 p.m.38 views

CVE-2023-44385

The Home Assistant Companion for iOS and macOS app up to version 2023.4 are vulnerable to Client-Side Request Forgery. Attackers may send malicious links/QRs to victims that, when visited, will make the victim to call arbitrary services in their Home Assistant installation. Combined with this...

8.8CVSS8.6AI score0.00284EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/19 10:2 p.m.18 views

CVE-2023-44385 Client-Side Request Forgery in Home Assistant iOS/macOS native Apps

The Home Assistant Companion for iOS and macOS app up to version 2023.4 are vulnerable to Client-Side Request Forgery. Attackers may send malicious links/QRs to victims that, when visited, will make the victim to call arbitrary services in their Home Assistant installation. Combined with this...

8.6CVSS7.5AI score0.00284EPSS
Exploits0References1
CVE
CVE
added 2023/10/19 10:2 p.m.74 views

CVE-2023-44385

CVE-2023-44385 : Affects Home Assistant Companion for iOS and macOS up to version 2023.4. The vulnerability is a Client-Side Request Forgery that allows an attacker to lure a victim into visiting a malicious link or QR code, causing the victim to invoke arbitrary services on their Home Assistant ...

8.8CVSS8.6AI score0.00284EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/10/19 10:2 p.m.43 views

CVE-2023-44385 Client-Side Request Forgery in Home Assistant iOS/macOS native Apps

The Home Assistant Companion for iOS and macOS app up to version 2023.4 are vulnerable to Client-Side Request Forgery. Attackers may send malicious links/QRs to victims that, when visited, will make the victim to call arbitrary services in their Home Assistant installation. Combined with this...

8.6CVSS8.9AI score0.00284EPSS
Exploits0References1
OSV
OSV
added 2023/10/19 10:2 p.m.35 views

CVE-2023-44385 Client-Side Request Forgery in Home Assistant iOS/macOS native Apps

The Home Assistant Companion for iOS and macOS app up to version 2023.4 are vulnerable to Client-Side Request Forgery. Attackers may send malicious links/QRs to victims that, when visited, will make the victim to call arbitrary services in their Home Assistant installation. Combined with this...

8.6CVSS8.6AI score0.00284EPSS
Exploits0References3
Rows per page
Query Builder