58 matches found
Cross site scripting
Dell Secure Connect Gateway SCG Policy Manager, all versions, contains a Stored Cross-Site Scripting Vulnerability. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data...
Cross site scripting
Dell Secure Connect Gateway SCG Policy Manager, all versions, contains a Stored Cross-Site Scripting Vulnerability. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data...
Cross site scripting
Dell Secure Connect Gateway SCG Policy Manager, all versions, contains a Stored Cross-Site Scripting Vulnerability in the Filters page. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a...
CVE-2024-24904
Dell Secure Connect Gateway SCG Policy Manager, all versions, contains a Stored Cross-Site Scripting Vulnerability. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data...
CVE-2024-24905
Dell Secure Connect Gateway SCG Policy Manager, all versions, contains a Stored Cross-Site Scripting Vulnerability. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data...
CVE-2024-24905
Dell Secure Connect Gateway (SCG) Policy Manager (all versions) is affected by a Stored Cross-Site Scripting (XSS) vulnerability in the inclusion store. An adjacent-network, high-privileged attacker could store malicious HTML/JavaScript, which executes in a victim’s browser in the context of the ...
CVE-2024-24906
Dell Secure Connect Gateway SCG Policy Manager, all versions, contains a Stored Cross-Site Scripting Vulnerability in Policy page. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted...
Cross site scripting
Dell Secure Connect Gateway SCG Policy Manager, all versions, contains a Stored Cross-Site Scripting Vulnerability in Policy page. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted...
CVE-2024-24907
Dell Secure Connect Gateway (SCG) Policy Manager is affected by a Stored Cross-Site Scripting vulnerability in the Filters page across all versions. The root cause is improper handling/storage of user-supplied data in the data store, allowing an adjacent, high-privilege attacker to inject HTML/Ja...
CVE-2024-24907
Dell Secure Connect Gateway SCG Policy Manager, all versions, contains a Stored Cross-Site Scripting Vulnerability in the Filters page. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a...
CVE-2024-24906
Dell Secure Connect Gateway SCG Policy Manager, all versions, contains a Stored Cross-Site Scripting Vulnerability in Policy page. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted...
CVE-2023-44286
Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a DOM-based Cross-Site Scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the injection of malicious HTML or JavaScript code to a...
Cross site scripting
Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a DOM-based Cross-Site Scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the injection of malicious HTML or JavaScript code to a...
CVE-2023-44286
Dell PowerProtect DD is affected by a DOM-based Cross-Site Scripting vulnerability (CVE-2023-44286) in multiple versions: pre-7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, and 6.2.1.110. The root cause is a DOM-based XSS that allows a remote unauthenticated attacker to inject malicious HTML/JavaScript ...
CVE-2023-44301
Dell DM5500 5.14.0.0 and prior contain a Reflected Cross-Site Scripting Vulnerability. A network attacker with low privileges could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable...
CVE-2023-44385
The Home Assistant Companion for iOS and macOS app up to version 2023.4 are vulnerable to Client-Side Request Forgery. Attackers may send malicious links/QRs to victims that, when visited, will make the victim to call arbitrary services in their Home Assistant installation. Combined with this...
CVE-2023-44385 Client-Side Request Forgery in Home Assistant iOS/macOS native Apps
The Home Assistant Companion for iOS and macOS app up to version 2023.4 are vulnerable to Client-Side Request Forgery. Attackers may send malicious links/QRs to victims that, when visited, will make the victim to call arbitrary services in their Home Assistant installation. Combined with this...
CVE-2023-44385
CVE-2023-44385 : Affects Home Assistant Companion for iOS and macOS up to version 2023.4. The vulnerability is a Client-Side Request Forgery that allows an attacker to lure a victim into visiting a malicious link or QR code, causing the victim to invoke arbitrary services on their Home Assistant ...
CVE-2023-44385 Client-Side Request Forgery in Home Assistant iOS/macOS native Apps
The Home Assistant Companion for iOS and macOS app up to version 2023.4 are vulnerable to Client-Side Request Forgery. Attackers may send malicious links/QRs to victims that, when visited, will make the victim to call arbitrary services in their Home Assistant installation. Combined with this...
CVE-2023-44385 Client-Side Request Forgery in Home Assistant iOS/macOS native Apps
The Home Assistant Companion for iOS and macOS app up to version 2023.4 are vulnerable to Client-Side Request Forgery. Attackers may send malicious links/QRs to victims that, when visited, will make the victim to call arbitrary services in their Home Assistant installation. Combined with this...