311 matches found
Red Hat CloudForms HTML Injection Vulnerability
Red Hat CloudForms is a suite of IaaS Infrastructure as a Service cloud service solutions from Red Hat, Inc. The solution creates and manages private and public clouds and has the ability to manage the application lifecycle. An HTML injection vulnerability exists in Red Hat CloudForms, which stem...
Atlassian FishEye and Crucible Cross-Site Scripting Vulnerabilities
Atlassian FishEye and Crucible are both products of the Australian company Atlassian, FishEye is a suite of software for deep viewing of source code repositories and Crucible is a suite of code review tools. A cross-site scripting vulnerability exists in the administration user deletion resource ...
Centreon Cross-Site Scripting Vulnerability
Centreon formerly known as Merethis Centreon is an open source IT monitoring software suite from Centreon France that needs to be paired with Nagios to manage Nagios via the web and third-party components to enable monitoring of networks, operating systems and applications. A cross-site scripting...
Paessler PRTG Network Monitor Cross-Site Scripting Vulnerability
Paessler PRTG Network Monitor is a full-featured network monitoring and management software from Paessler AG, Germany. A cross-site scripting vulnerability exists in versions prior to Paessler PRTG Network Monitor 17.2.32.2279. A remote attacker can exploit this vulnerability to inject arbitrary...
RedHat JBoss BRMS and BPM Suite Cross-Site Scripting Vulnerability
RedHat JBoss BRMS is a comprehensive business process automation platform that integrates business rules management, business process management BPM and complex event processing CEP into a single open source solution. A cross-site scripting vulnerability exists in RedHat JBoss BRMS and BPM Suite...
RedHat JBoss BRMS and BPM Suite HTML Injection Vulnerability
Red Hat JBoss BRMS is a comprehensive business process automation platform that integrates business rules management, business process management BPM and complex event processing CEP into a single open source solution. An HTML injection vulnerability exists in Red Hat JBoss BRMS and BPM Suite due...
chromium-browser: universal xss in chrome://apps
Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, had an insufficiently strict content security policy on the Chrome app launcher page, which allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page...
Moodle HTML Injection Vulnerability (CNVD-2017-00905)
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment, developed by Dr. Martin Dougiamas of Australia. Moodle suffers from an HTML injection vulnerability due to the program failing to...
MoinMoin HTML Injection Vulnerability
MoinMoin is a set of open source , scalable wiki engine program based on the Python environment . An HTML injection vulnerability exists in MoinMoin version 1.9.8. A remote attacker can exploit this vulnerability to inject arbitrary JS code...
Novell NetIQ Identity Manager HTML Injection Vulnerability
NetIQ Designer for Identity Manager is a suite of graphical interface tools for configuring and deploying Identity Manager, a comprehensive solution for providing identity and control access, from NetIQ USA. An html injection vulnerability exists in Novell NetIQ Identity Manager versions prior to...
CVE-2016-1592
XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the nrfEntitlementReport.do CGI...
Wordpress simplified-content plugin cross-site scripting vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites on PHP and MySQL servers. simplified-content is one of the plug-ins used to simplify the content. A cross-site scripting vulnerability exists in...
Novell GroupWise HTML Injection Vulnerability
Novell GroupWise is a cross-platform collaboration software. An HTML injection vulnerability exists in Novell GroupWise 2014 SP1, 2014 R2 SP1, and 2014 versions, which stems from the program failing to adequately filter user-submitted input. An attacker could be allowed to exploit the vulnerabili...
Foreman HTML Injection Vulnerability
Foreman is a set of lifecycle management tools for use in physical and virtual servers. The tool provides features such as service provisioning, configuration management, and status reporting. An HTML injection vulnerability exists in Foreman, which arises from the program's failure to adequately...
Multiple Vulnerabilities in Digitalstrom Konfigurator
The Digitalstrom Konfigurator is a smart home device from the Swiss company Digitalstrom. HTML injection vulnerabilities and cross-site scripting vulnerabilities exist in Digitalstrom Konfigurator. These vulnerabilities can be exploited by remote attackers to perform unauthorized actions, execute...
The vulnerabilities in the Moodle learning management system allow a hacker to inject arbitrary Web or HTML code.
The multiple vulnerabilities of the Moodle learning management system’s SCORM module exist due to the lack of measures taken to protect the website structure. Exploiting these vulnerabilities allows a malicious actor to inject arbitrary Web or HTML code using a specially created name for the...
markdown-it and NodeBB HTML Injection Vulnerabilities
markdown-it is a parser product. NodeBB is a forum system developed by the Design Create Play team and built using Node.js, a web application platform built on top of Google's V8 JavaScript engine. An HTML injection vulnerability exists in markdown-it versions prior to 4.1.0 and NodeBB versions...
TheHostingTool HTML Injection Vulnerability
TheHostingTool is a set of open source free PHP-based hosting applications. TheHostingTool suffers from an HTML injection vulnerability. An attacker can exploit the vulnerability to execute arbitrary HTML or JavaScript code in the context of an affected site...
Belkin N150 Wireless Home Router HTML Injection Vulnerability
Belkin N150 Wireless Home is a wireless router product from Belkin USA. An HTML injection vulnerability exists in the Belkin N150 Wireless Home Router, which can be exploited by an attacker to execute arbitrary HTML...
Let's PHP! p++BBS HTML Injection Vulnerability
Let's PHP! p++BBS is a bulletin board system. Let's PHP! p++BBS suffers from an HTML injection vulnerability that can be exploited by remote attackers to inject malicious script or HTML code, which can be used to obtain sensitive information or hijack user sessions when malicious data is viewed...