SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits

SafeLine is a self-hosted WAFWeb Application Firewall to protect your web apps from attacks and exploits. A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as SQL...

Stored XSS via Default session expiration time

Description The Default session expiration time feature when submitted HTML/JS tags executes the code in the login page. Proof of Concept Login to Teampass and go to Settings = Options. http://127.0.0.1/index.php?page=options In theDefault session expiration time input field insert an XSS payload...

Osprey Pump Controller v1.0.1 - Unauthenticated Reflected XSS

Exploit Title: Osprey Pump Controller v1.0.1 - Unauthenticated Reflected XSS Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage...

CVE-2023-28648

Osprey Pump Controller version 1.01 inputs passed to a GET parameter are not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML/JS code in a user's browser session in context of an affected site...

Cross site scripting

ETAP Lighting International NV ETAP Safety Manager 1.0.0.32 is vulnerable to Cross Site Scripting XSS. Input passed to the GET parameter 'action' is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML/JS code in a user's browser session in...

CVE-2022-40912

ETAP Lighting International NV ETAP Safety Manager 1.0.0.32 is vulnerable to Cross Site Scripting XSS. Input passed to the GET parameter 'action' is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML/JS code in a user's browser session in...

ESM ETAP Safety Manager 1.0.0.32 Cross Site Scripting Vulnerability

ETAP Safety Manager 1.0.0.32 Remote Unauthenticated Reflected XSS Vendor: ETAP Lighting International NV Product web page: https://www.etaplighting.com Affected version: 1.0.0.32 Summary: The ETAP Safety Manager ESM is a central managing and control system that helps you to monitor, adjust and...

ETAP Safety Manager 1.0.0.32 Cross Site Scripting

ETAP Safety Manager 1.0.0.32 Remote Unauthenticated Reflected XSS Vendor: ETAP Lighting International NV Product web page: https://www.etaplighting.com Affected version: 1.0.0.32 Summary: The ETAP Safety Manager ESM is a central managing and control system that helps you to monitor, adjust and...

SUSE SLED15 / SLES15 Security Update : python-lxml (SUSE-SU-2022:0803-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0803-1 advisory. - An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remo...

EulerOS 2.0 SP2 : python-lxml (EulerOS-SA-2021-2431)

According to the version of the python-lxml package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different...

Medium: python-lxml

Issue Overview: A Cross-site Scripting XSS vulnerability was found in the python-lxml's clean module. The module's parser did not properly imitate browsers, causing different behaviors between the sanitizer and the user's page. This flaw allows a remote attacker to run arbitrary HTML/JS code. The...

EulerOS 2.0 SP5 : python-lxml (EulerOS-SA-2021-1701)

According to the version of the python-lxml package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different...

EulerOS Virtualization for ARM 64 3.0.2.0 : python-lxml (EulerOS-SA-2021-1402)

According to the version of the python-lxml package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browser...

EulerOS Virtualization 3.0.2.6 : python-lxml (EulerOS-SA-2021-1420)

According to the version of the python-lxml package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which...

EulerOS 2.0 SP8 : python-lxml (EulerOS-SA-2021-1166)

According to the version of the python-lxml packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different...

Updated python-lxml packages fix a security vulnerability

A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code. CVE-2020-27783...

Huawei EulerOS: Security Advisory for python-lxml (EulerOS-SA-2021-1035)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

lxml vulnerable to Cross-site Scripting

A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code...

EulerOS 2.0 SP9 : python-lxml (EulerOS-SA-2021-1016)

According to the version of the python-lxml package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different...

EulerOS 2.0 SP9 : python-lxml (EulerOS-SA-2021-1035)

According to the version of the python-lxml package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different...