Lucene search
K

3612 matches found

Prion
Prion
added 2020/09/01 5:15 p.m.15 views

Cross site scripting

IBM InfoSphere Guardium 7.0, 8.0, 8.01, and 8.2 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of...

3.5CVSS6.8AI score0.00735EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/11 7:18 p.m.51 views

Security Bulletin: A vulnerability in jQuery affects IBM WIoTP MessageGateway (CVE-2020-7656)

Summary There is a vulnerability in jQuery that affects IBM WIoTP MessageGateway. Vulnerability Details CVEID: CVE-2020-7656 DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the load method. A remote attacker could exploit this...

6.1CVSS1.1AI score0.06273EPSS
Exploits4Affected Software1
Cvelist
Cvelist
added 2020/07/01 1:45 p.m.26 views

CVE-2017-1659

"HCL iNotes is susceptible to a Cross-Site Scripting XSS Vulnerability. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials."...

6AI score0.00666EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/01 1:42 a.m.26 views

Security Bulletin: Rational Asset Analyzer (RAA) is affected by a WebSphere Application Server vulnerability

Summary Asset Analyzer RAA has addressed the following vulnerability. IBM WebSphere Application Server was affected by a cross-site scripting. Vulnerability Details CVEID: CVE-2019-17573 DESCRIPTION: Apache CXF is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

6.1CVSS1.4AI score0.07055EPSS
Exploits0Affected Software1
NVD
NVD
added 2020/03/05 7:15 p.m.19 views

CVE-2020-4082

The HCL Connections 5.5 help system is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting...

5.4CVSS5.6AI score0.0066EPSS
Exploits1References1
Cvelist
Cvelist
added 2020/03/05 6:45 p.m.32 views

CVE-2020-4082

The HCL Connections 5.5 help system is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting...

5.6AI score0.0066EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2020/01/16 12:0 a.m.167 views

WordPress Resim ara 1.0 Cross Site Scripting

Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Resim ara 1.0 Resim ara is prone to a reflected cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...

7AI score
Exploits0
Symantec
Symantec
added 2020/01/02 12:0 a.m.39 views

Open-Xchange AppSuite Multiple Security Vulnerabilities

Description Open-Xchange AppSuite is prone to multiple security vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected application. This may let the attacker steal cookie-based authentication...

7.3AI score
Exploits0References1Affected Software1
Symantec
Symantec
added 2019/12/10 12:0 a.m.22 views

Atlassian FishEye and Crucible CVE-2019-15008 Cross Site Scripting Vulnerability

Description Atlassian FishEye and Crucible are prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based...

0.4AI score0.00739EPSS
Exploits0References1Affected Software2
Symantec
Symantec
added 2019/12/10 12:0 a.m.18 views

Multiple Siemens EN100 Ethernet Modules SSA-418979 Multiple Security Vulnerabilities

Description Multiple Siemens EN100 Ethernet Modules are prone to multiple security vulnerabilities. An attacker may leverage these issues to execute arbitrary code, using directory-traversal sequences '../' to retrieve sensitive information and execute arbitrary script code in the browser of an...

0.5AI score
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/11/27 3:48 p.m.23 views

Security Bulletin: IBM TRIRIGA Application platform is vulnerable to a cross-site scripting attack. (CVE-2016-2883)

Summary IBM TRIRIGA Application Platform is vulnerable to cross-site scripting that could be used to steal cookie-based authentication credentials. Vulnerability Details CVEID: CVE-2016-2883 DESCRIPTION: IBM TRIRIGA is vulnerable to cross-site scripting, caused by improper validation of...

5.4CVSS0.6AI score0.00622EPSS
Exploits0Affected Software1
Symantec
Symantec
added 2019/11/26 12:0 a.m.34 views

IBM Case Manager CVE-2019-4426 Cross Site Scripting Vulnerability

Description IBM Case Manager is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the...

1.2AI score0.00748EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2019/11/18 12:0 a.m.6 views

PT-2019-4283 · Apache +1 · Apache Shiro +1

Name of the Vulnerable Software and Affected Versions: Apache Shiro versions prior to 1.4.2 Description: The issue is related to the use of the default "remember me" configuration in Apache Shiro, which can make cookies susceptible to a padding attack. This could allow a remote attacker to impact...

7.5CVSS7.5AI score0.09101EPSS
Exploits0References18
Symantec
Symantec
added 2019/11/18 12:0 a.m.27 views

Moodle CVE-2019-14881 Cross Site Scripting Vulnerability

Description Moodle is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attack...

6.6AI score0.01113EPSS
Exploits0References1Affected Software1
Symantec
Symantec
added 2019/10/14 12:0 a.m.42 views

WordPress Prior to 5.2.4 Multiple Security Vulnerabilities

Description WordPress is prone to multiple security vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and...

7.5AI score
Exploits0References1Affected Software1
Symantec
Symantec
added 2019/10/02 12:0 a.m.27 views

Cisco Unified Communications Manager CVE-2019-12716 Cross Site Scripting Vulnerability

Description Cisco Unified Communications Manager is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...

0.8AI score0.01057EPSS
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2019/09/10 12:0 a.m.200 views

WordPress Checklist 1.1.5 Cross Site Scripting

Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Checklist 1.1.5 Checklist is prone to a reflected cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2019/09/07 12:0 a.m.234 views

WordPress Ellipsis Human Presence Technology 2.0.8 Cross Site Scripting

Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Ellipsis human presence technology 2.0.8 Ellipsis human presence technology is prone to a reflected cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2019/09/04 12:0 a.m.302 views

WordPress Spryng Payments WooCommerce 1.6.7 Cross Site Scripting

Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Spryng payments woocommerce 1.6.7 Spryng payments woocommerce is prone to a reflected cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to...

0.2AI score
Exploits0
Symantec
Symantec
added 2019/07/17 12:0 a.m.19 views

Jenkins Multiple Security Vulnerabilities

Description Jenkins is prone to the following vulnerabilities: 1. A unauthorized-access vulnerability 2. A cross-site request forgery vulnerability An attacker may leverage these issues to execute arbitrary script code in the browser of the victim in the context of the affected site, steal...

7.8AI score
Exploits0References2Affected Software3
Rows per page
Query Builder