2 matches found
CVE-2018-1000528
GONICUS GOsa version before commit 56070d6289d47ba3f5918885954dcceb75606001 contains a Cross Site Scripting XSS vulnerability in change password form html/password.php, 308 that can result in injection of arbitrary web script or HTML. This attack appear to be exploitable via the victim must open ...
CVE-2017-9767
Multiple cross-site scripting XSS vulnerabilities in Quali CloudShell before 8 allow remote authenticated users to inject arbitrary web script or HTML via the 1 Name or 2 Description parameter to RM/Reservation/ReserveNew; the 3 Description parameter to RM/Topology/Update; the 4 Name, 5...