859 matches found
CVE-2021-4169
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...
CVE-2021-3977
invoiceninja is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...
CVE-2021-4139
pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...
CVE-2021-4132
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...
PT-2021-23274 · Unknown · Livehelperchat
Name of the Vulnerable Software and Affected Versions: livehelperchat affected versions not specified Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This means that the software does not properly neutralize use...
CVE-2021-4124
janus-gateway is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...
PT-2021-23206 · Unknown +2 · Janus-Gateway +2
Name of the Vulnerable Software and Affected Versions: janus-gateway affected versions not specified Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This means that the software fails to properly neutralize user...
CVE-2021-4107
yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...
Grav 跨站脚本漏洞
Grav is an extensible CMS Content Management System for personal blogs, small content publishing platforms, and one-page product presentations. A cross-site scripting vulnerability exists in grav, which stems from the vulnerability of grav to incorrect input neutralization "cross-site scripting"...
CVE-2021-3783
yourls is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...
CVE-2021-24014
Multiple instances of improper neutralization of input during web page generation vulnerabilities in FortiSandbox before 4.0.0 may allow an unauthenticated attacker to perform an XSS attack via specifically crafted request parameters...
Advantech Spectre RT Industrial Routers
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: Spectre RT Industrial Routers Vulnerabilities: Improper Neutralization of Input During Web Page Generation, Cleartext Transmission of Sensitive Information, Improper...
Debian DLA-2545-1 : open-build-service security update
CVE-2020-8020 An improper neutralization of input during web page generation vulnerability in open-build-service allows remote attackers to store arbitrary JS code to cause XSS. CVE-2020-8021 An improper access control vulnerability in open-build-service allows remote attackers to read files of a...
CVE-2020-14492
OpenClinic GA 5.09.02 and 5.89.05b does not properly neutralize user-controllable input, which may allow the execution of malicious code within the user’s browser...
XSS vulnerability in the Description Area of the Admin Profile
An improper neutralization of input vulnerability in the Admin Profile of FortiAnalyzer may allow a remote authenticated attacker to perform a stored cross site scripting attack XSS via the Description Area...
Andover Continuum Cross-Site Scripting Vulnerability (CNVD-2020-19526)
Andover Continuum is a BACnet building management system from Schneider Electric. A cross-site scripting vulnerability exists in Andover Continuum. The vulnerability stems from improper neutralization of inputs during web page generation. An attacker could exploit this vulnerability to conduct a...
CVE-2019-6699
An improper neutralization of input vulnerability in Fortinet FortiADC 5.3.3 and earlier may allow an attacker to execute a stored Cross Site Scripting XSS via a field in the traffic group interface...
CVE-2019-13934
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webclient of Siemens AG Polarion could allow an attacker to exploit a reflected XSS vulnerability. This issue affects: Siemens AG Polarion All versions 19.2...
CVE-2019-6562
In Philips Tasy EMR, Tasy EMR Versions 3.02.1744 and prior, the software incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users...