Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allow remote attackers to inject arbitrary web script or HTML via the 1 S44, 2 S5, 3 Sactionfail, 4 Sptnupdate, 5 T113, 6 T114, 7 T115, 8 T117117, 9 T118, 10 Tactionfail, 11 Tptnupdate, 12...

CVE-2017-9033

Cross-site request forgery CSRF vulnerability in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows remote attackers to hijack the authentication of users for requests to start an update from an arbitrary source via a crafted request to SProtectLinux/scanoptionset.cgi, related to the...

CVE-2017-9032

CVE-2017-9032 affects Trend Micro ServerProtect for Linux 3.0 prior to CP 1531. The vulnerability is a cross-site scripting flaw in the web interface’s log_management.cgi, where the T1 and tmLastConfigFileModifiedDate parameters can be abused to inject arbitrary script/HTML. Evidence in connected...

CVE-2017-9037

CVE-2017-9037 affects Trend Micro ServerProtect for Linux 3.0 prior to CP 1531. The advisory/related reports document cross-site scripting vulnerabilities in notification.cgi and related CGI scripts, enabling an attacker to inject arbitrary script/HTML via parameters such as S44, S5, S_action_fai...

CVE-2017-9037

Multiple cross-site scripting XSS vulnerabilities in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allow remote attackers to inject arbitrary web script or HTML via the 1 S44, 2 S5, 3 Sactionfail, 4 Sptnupdate, 5 T113, 6 T114, 7 T115, 8 T117117, 9 T118, 10 Tactionfail, 11 Tptnupdate, 12...