CVE-2018-15528

Reflected Cross-Site Scripting exists in the Java System Solutions SSO plugin 4.0.13.1 for BMC MyIT. A remote attacker can abuse this issue to inject client-side scripts into the "selectsso" function. The payload is triggered when the victim opens a prepared /ux/jss-sso/arslogin?XSS link and then...

CVE-2018-6227

A stored cross-site scripting XSS vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to inject client-side scripts into vulnerable systems...

CVE-2018-6226

Reflected cross-site scripting XSS vulnerabilities in two Trend Micro Email Encryption Gateway 5.5 configuration files could allow an attacker to inject client-side scripts into vulnerable systems...

CVE-2018-6227

A stored cross-site scripting XSS vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to inject client-side scripts into vulnerable systems...

Cross site scripting

A stored cross-site scripting XSS vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to inject client-side scripts into vulnerable systems...

Cross site scripting

Reflected cross-site scripting XSS vulnerabilities in two Trend Micro Email Encryption Gateway 5.5 configuration files could allow an attacker to inject client-side scripts into vulnerable systems...

CVE-2017-3150

Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating use cookies that could be accessible to client-side script...

PYSEC-2017-106

Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating use cookies that could be accessible to client-side script...

PYSEC-2017-106

Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating use cookies that could be accessible to client-side script...

DOM-based Cross-Site Scripting (XSS)

Client-side scripts are used extensively by modern web applications. They perform from simple functions such as the formatting of text up to full manipulation of client-side data and Operating System interaction. Unlike traditional Cross-Site Scripting XSS, where the client is able to inject...

DOM-based Cross-Site Scripting (XSS) in attribute context

Client-side scripts are used extensively by modern web applications. They perform from simple functions such as the formatting of text up to full manipulation of client-side data and Operating System interaction. Unlike traditional Cross-Site Scripting XSS, where the client is able to inject...

Cross-Site Scripting (XSS) in attribute context

Client-side scripts are used extensively by modern web applications. They perform from simple functions such as the formatting of text up to full manipulation of client-side data and Operating System interaction. Cross Site Scripting XSS allows clients to inject scripts into a request and have th...

Cross-Site Scripting (XSS) in path

Client-side scripts are used extensively by modern web applications. They perform from simple functions such as the formatting of text up to full manipulation of client-side data and Operating System interaction. Cross Site Scripting XSS allows clients to inject scripts into a request and have th...

Cross-Site Scripting (XSS)

Client-side scripts are used extensively by modern web applications. They perform from simple functions such as the formatting of text up to full manipulation of client-side data and Operating System interaction. Cross Site Scripting XSS allows clients to inject scripts into a request and have th...

CVE-2016-6344

It was discovered that JBoss BRMS 6 and BPM Suite 6 are not setting HttpOnly flags on sensitive cookies. Remote attackers can access these cookies by using client-side scripts, usually through XSS...

Nagios Network Analyzer 2.2.1 Cross Site Scripting

Credits: John Page - HYP3RLINX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NAGIOS-NA-v2.2.1-XSS.txt + ISR: ApparitionSec Vendor: =============== www.nagios.com Product: ============================== Nagios Network Analyzer v2.2.1 Netflow Analysis,...

HotExBilling Manager 73 Cross Site Scripting

Title: ==== HotExBilling Manager – Cross-site scripting XSS vulnerability Credit: ====== Name: Bhadresh Patel Company/affiliation: HelpAG Website: www.helpag.com CVE: ===== CVE-2015-2781 Date: ==== 12-03-2015 dd/mm/yyyy Vendor: ====== Hotspot Express has been in the billing solution business sinc...

Feng Office Arbitrary File Upload and Cross Site Scripting Vulnerabilities

Feng Office is prone to an arbitrary-file-upload vulnerability and multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced source...

Vtiger CRM <= 5.2.0 Multiple Vulnerabilities - Active Check

Vtiger CRM is prone to an arbitrary file upload vulnerability, multiple local file include LFI vulnerabilities, and multiple cross-site scripting XSS vulnerabilities because the application fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text...

XAMPP Cross Site Scripting and Information Disclosure Vulnerabilities

XAMPP is prone to multiple cross-site scripting vulnerabilities and an information disclosure vulnerability because the application fails to sufficiently sanitize user-supplied input. Attackers can exploit these issues to obtain sensitive information, steal cookie-based authentication information...