12 matches found
EUVD-2019-5711
Malware in sbrugna...
CVE-2019-14550
An issue was discovered in EspoCRM before 5.6.9. Stored XSS was executed when a victim clicks on the Edit Dashboard feature present on the Homepage. An attacker can load malicious JavaScript inside the add tab list feature, which would fire when a user clicks on the Edit Dashboard button, thus...
GHSA-9M82-F3WX-P625 LibreNMS XSS Vulnerability
Persistent Cross-Site Scripting XSS issues in LibreNMS before 1.44 allow remote attackers to inject arbitrary web script or HTML via the dashboardname parameter in the /ajaxform.php resource, related to html/includes/forms/add-dashboard.inc.php, html/includes/forms/delete-dashboard.inc.php, and...
Nagios XI Cross-Site Scripting Vulnerability (CNVD-2020-63971)
Nagios XI is a commercial monitoring solution built on Nagios Core, including dashboards, web-based configuration, advanced reporting and rich data visualization. A cross-site scripting vulnerability exists in the Dashboard Tool Edit Dashboard in Nagios XI versions prior to 5.7.5. No details of t...
CVE-2020-27989
Nagios XI before 5.7.5 is vulnerable to XSS in Dashboard Tools Edit Dashboard...
Design/Logic Flaw
Nagios XI before 5.7.5 is vulnerable to XSS in Dashboard Tools Edit Dashboard...
CVE-2020-27989
Nagios XI before 5.7.5 is affected by a Cross‑Site Scripting (XSS) vulnerability in Dashboard Tools (Edit Dashboard). The root cause is insufficient input validation when processing Deploy Dashboards requests, enabling stored XSS through the Dashboard feature. Impact is browser‑based script execu...
CVE-2019-14550
An issue was discovered in EspoCRM before 5.6.9. Stored XSS was executed when a victim clicks on the Edit Dashboard feature present on the Homepage. An attacker can load malicious JavaScript inside the add tab list feature, which would fire when a user clicks on the Edit Dashboard button, thus...
CVE-2019-14550
An issue was discovered in EspoCRM before 5.6.9. Stored XSS was executed when a victim clicks on the Edit Dashboard feature present on the Homepage. An attacker can load malicious JavaScript inside the add tab list feature, which would fire when a user clicks on the Edit Dashboard button, thus...
Cross site scripting
An issue was discovered in EspoCRM before 5.6.9. Stored XSS was executed when a victim clicks on the Edit Dashboard feature present on the Homepage. An attacker can load malicious JavaScript inside the add tab list feature, which would fire when a user clicks on the Edit Dashboard button, thus...
CVE-2019-14550
An issue was discovered in EspoCRM before 5.6.9. Stored XSS was executed when a victim clicks on the Edit Dashboard feature present on the Homepage. An attacker can load malicious JavaScript inside the add tab list feature, which would fire when a user clicks on the Edit Dashboard button, thus...
CVE-2019-14298
Veeam ONE Reporter 9.5.0.3201 allows XSS via a crafted Descriptionconfig field to addDashboard or editDashboard in CommonDataHandlerReadOnly.ashx...