5050 matches found

CNVD
added 2018/11/07 12:0 a.m. | 2 views

Apache Syncope Cross-Site Scripting Vulnerability

Apache Syncope is an open source system for managing digital identities in enterprise environments, implemented using Java EE technology and released under the Apache 2.0 license. A stored cross-site scripting vulnerability exists in Apache Syncope. A malicious user with sufficient administrative...

7.2 CVSS | 5.3 AI score | 0.01003 EPSS
Exploits 0 | References 1

OSV
added 2018/11/06 11:16 p.m. | 17 views

GHSA-9H9C-F287-C6VP Improper Control of Interaction Frequency in Apache syncope-core

A malicious user with enough administration entitlements can inject html-like elements containing JavaScript statements into Connector names, Report names, AnyTypeClass keys and Policy descriptions. When another user with enough administration entitlements edits one of the Entities above via Admi...

5.4 CVSS | 5.5 AI score | 0.01003 EPSS
Exploits 0 | References 3

OSV
added 2018/11/06 7:29 p.m. | 17 views

CVE-2018-17184

A malicious user with enough administration entitlements can inject html-like elements containing JavaScript statements into Connector names, Report names, AnyTypeClass keys and Policy descriptions. When another user with enough administration entitlements edits one of the Entities above via Admi...

5.4 CVSS | 5.7 AI score | 0.01003 EPSS
Exploits 0 | References 1

NVD
added 2018/11/06 7:29 p.m. | 11 views

CVE-2018-17184

A malicious user with enough administration entitlements can inject html-like elements containing JavaScript statements into Connector names, Report names, AnyTypeClass keys and Policy descriptions. When another user with enough administration entitlements edits one of the Entities above via Admi...

5.4 CVSS | 5.6 AI score | 0.01003 EPSS
Exploits 0 | References 1

Cvelist
added 2018/11/06 7:0 p.m. | 15 views

CVE-2018-17184

A malicious user with enough administration entitlements can inject html-like elements containing JavaScript statements into Connector names, Report names, AnyTypeClass keys and Policy descriptions. When another user with enough administration entitlements edits one of the Entities above via Admi...

5.6 AI score | 0.01003 EPSS
Exploits 0 | References 1

CNVD
added 2018/11/06 12:0 a.m. | 1 views

Green Electronics RainMachine Mini-8 and Touch HD 12 Web Application Cross-Site Scripting Vulnerability

Green Electronics RainMachine Mini-8 and Touch HD 12 Web Application are both products of Green Electronics USA. Green Electronics RainMachine Mini-8 is a smart irrigation sprinkler, and Touch HD 12 Web Application is a web-based...

6.1 CVSS | 6.4 AI score | 0.0024 EPSS
Exploits 1 | References 1

BDU FSTEC
added 2018/11/01 12:0 a.m. | 0 views

The vulnerability in the FortiOS operating system’s web interface allows a hacker to inject any desired JavaScript or HTML code.

The vulnerability in the web interface user/ldapuser/add of the FortiOS operating system is due to insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary JavaScript or HTML code through the filter parameter...

5.3 CVSS | 5.7 AI score | 0.00812 EPSS
Exploits 1 | References 2 | Affected Software 1

BDU FSTEC
added 2018/11/01 12:0 a.m. | 0 views

The vulnerability of the FortiOS operating system arises from insufficient protection of the web page structure, allowing attackers to inject arbitrary JavaScript or HTML code.

The vulnerability of the FortiOS operating system arises from insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary JavaScript or HTML code remotely...

6.1 CVSS | 5.6 AI score | 0.0086 EPSS
Exploits 1 | References 4 | Affected Software 1

BDU FSTEC
added 2018/11/01 12:0 a.m. | 0 views

The vulnerability of the SSL VPN web portal’s login page in the operating system FortiOS allows a hacker to inject arbitrary JavaScript or HTML code.

The vulnerability of the SSL VPN web portal’s login page in the operating system FortiOS arises due to insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary JavaScript or HTML code remotely...

5.3 CVSS | 5.6 AI score | 0.55556 EPSS
Exploits 0 | References 2 | Affected Software 1

BDU FSTEC
added 2018/11/01 12:0 a.m. | 0 views

The vulnerability of the DHCP Monitor web interface of the FortiOS operating system allows a hacker to inject arbitrary JavaScript or HTML code.

The vulnerability of the DHCP Monitor web interface of the FortiOS operating system arises due to insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary JavaScript or HTML code remotely...

5.3 CVSS | 5.6 AI score | 0.00285 EPSS
Exploits 0 | References 3 | Affected Software 1

BDU FSTEC
added 2018/11/01 12:0 a.m. | 0 views

The vulnerability in the FortiOS operating system’s web interface allows a hacker to inject any desired JavaScript or HTML code.

The vulnerability in the user interface of the FortiOS operating system arises from insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary JavaScript or HTML code using the “redirect” parameter...

6.1 CVSS | 5.7 AI score | 0.05441 EPSS
Exploits 0 | References 3 | Affected Software 1

BDU FSTEC
added 2018/11/01 12:0 a.m. | 0 views

The vulnerability in the FortiOS operating system’s web interface allows a hacker to inject any desired JavaScript or HTML code.

The vulnerability in the FortiOS operating system’s web interface arises from insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary JavaScript or HTML code through user groups or template menus...

5.3 CVSS | 5.7 AI score | 0.00323 EPSS
Exploits 0 | References 3 | Affected Software 1

BDU FSTEC
added 2018/11/01 12:0 a.m. | 0 views

The vulnerability in the FortiOS operating system’s web interface allows a hacker to inject any desired JavaScript or HTML code.

The vulnerability in the FortiOS operating system’s web interface arises from insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary JavaScript or HTML code using the WTP Name or WTP Active Software Version request fields for...

5.3 CVSS | 5.7 AI score | 0.00239 EPSS
Exploits 1 | References 2 | Affected Software 1

BDU FSTEC
added 2018/10/31 12:0 a.m. | 0 views

The vulnerability in the FortiOS operating system’s web portal allows a hacker to inject any desired JavaScript or HTML code.

The vulnerability of the FortiOS operating system’s web portal stems from insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary JavaScript or HTML code using a specially crafted value for the “redir” parameter...

5.4 CVSS | 5.7 AI score | 0.02981 EPSS
Exploits 2 | References 4 | Affected Software 1

BDU FSTEC
added 2018/10/31 12:0 a.m. | 0 views

The vulnerability of the FortiOS operating system arises from insufficient protection of the web page structure, allowing attackers to inject arbitrary JavaScript or HTML code.

The vulnerability of the FortiOS operating system arises from insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary JavaScript or HTML code using a specially crafted HTTP request header named “Host”...

6.1 CVSS | 5.7 AI score | 0.00393 EPSS
Exploits 0 | References 4 | Affected Software 1

BDU FSTEC
added 2018/10/31 12:0 a.m. | 0 views

The vulnerability of the “Replacement Messages” component of the FortiOS operating system’s web interface allows a hacker to inject arbitrary JavaScript or HTML code.

The vulnerability of the Replacement Messages component in the FortiOS operating system’s web interface arises due to insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary JavaScript or HTML code remotely...

6.1 CVSS | 5.6 AI score | 0.0869 EPSS
Exploits 5 | References 4 | Affected Software 1

BDU FSTEC
added 2018/10/31 12:0 a.m. | 0 views

The vulnerability in the FortiOS operating system’s web interface allows a hacker to inject any desired JavaScript or HTML code.

The vulnerability in the FortiOS operating system’s web interface stems from insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary JavaScript or HTML code during the activation of FortiToken using the “action” parameter...

6.1 CVSS | 5.7 AI score | 0.02943 EPSS
Exploits 5 | References 4 | Affected Software 1

exploitpack
added 2018/10/31 12:0 a.m. | 29 views

Loadbalancer.org Enterprise VA MAX 8.3.2 - Remote Code Execution

Loadbalancer.org Enterprise VA MAX 8.3.2 - Remote Code Execution Exploit Title: Loadbalancer.org Enterprise VA MAX 8.3.2 - Remote Code Execution Date: 2018-07-24 Exploit Authors: Jakub Palaczynski Vendor Homepage: https://www.loadbalancer.org/ Version: . Such JavaScript is stored in "Apache User...

0.7 AI score
Exploits 0

BDU FSTEC
added 2018/10/31 12:0 a.m. | 0 views

The vulnerability of the FortiOS operating system arises from insufficient protection of the web page structure, allowing attackers to inject arbitrary JavaScript or HTML code.

The vulnerability of the FortiOS operating system is due to insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary JavaScript or HTML code using a specially crafted URI...

6.1 CVSS | 5.7 AI score | 0.00739 EPSS
Exploits 0 | References 4 | Affected Software 1

BDU FSTEC
added 2018/10/31 12:0 a.m. | 0 views

The vulnerability of the FortiOS operating system’s web interface component, FortiView, allows a hacker to inject any JavaScript or HTML code they desire.

The vulnerability of the FortiOS operating system’s web interface component is due to insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary JavaScript or HTML code using the “Application” filter in FortiOS...

5.4 CVSS | 5.7 AI score | 0.11481 EPSS
Exploits 4 | References 4 | Affected Software 1