5 matches found
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via multiple parameters such as setName, webappType, httpPort, dsName, description, phase, and url in different JSP pages. An attacker can inject arbitrary web script or HTML by sending crafted input to these...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via multiple parameters such as setName, webappType, httpPort, dsName, description, phase, and url in different JSP pages. An attacker can inject arbitrary web script or HTML by sending crafted input to these...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via multiple parameters such as setName, webappType, httpPort, dsName, description, phase, and url in different JSP pages. An attacker can inject arbitrary web script or HTML by sending crafted input to these...
CVE-2016-4316
Multiple cross-site scripting XSS vulnerabilities in WSO2 Carbon 4.4.5 allow remote attackers to inject arbitrary web script or HTML via the 1 setName parameter to identity-mgt/challenges-mgt.jsp; the 2 webappType or 3 httpPort parameter to webapp-list/webappinfo.jsp; the 4 dsName or 5 descriptio...
CVE-2016-4316
Multiple cross-site scripting XSS vulnerabilities in WSO2 Carbon 4.4.5 allow remote attackers to inject arbitrary web script or HTML via the 1 setName parameter to identity-mgt/challenges-mgt.jsp; the 2 webappType or 3 httpPort parameter to webapp-list/webappinfo.jsp; the 4 dsName or 5 descriptio...