CVE-2023-36389

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.0, RUGGEDCOM ROX MX5000RE All versions V2.16.0, RUGGEDCOM ROX RX1400 All versions V2.16.0, RUGGEDCOM ROX RX1500 All versions V2.16.0, RUGGEDCOM ROX RX1501 All versions V2.16.0, RUGGEDCOM ROX RX1510 All versions V2.16.0...

Decidim Cross-site Scripting vulnerability in the processes filter

Impact The processes filter feature is susceptible to Cross-site scripting. This allows a remote attacker to execute JavaScript code in the context of a currently logged-in user. An attacker could use this vulnerability to make other users endorse or support proposals they have no intention of...

CVE-2021-39014 IBM Cloud Object Storage System cross-site scripting

IBM Cloud Object System 3.15.8.97 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213650...

CVE-2023-24496

Cross-site scripting xss vulnerabilities exist in the requestHandlers.js detaildevice functionality of Milesight VPN v2.0.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger these vulnerabilities.This XSS is exploite...

Cross site scripting

Cross-site scripting xss vulnerabilities exist in the requestHandlers.js detaildevice functionality of Milesight VPN v2.0.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger these vulnerabilities.This XSS is exploite...

Milesight MilesightVPN requestHandlers.js detail_device cross-site scripting (XSS) vulnerabilities

Talos Vulnerability Report TALOS-2023-1704 Milesight MilesightVPN requestHandlers.js detaildevice cross-site scripting XSS vulnerabilities July 6, 2023 CVE Number CVE-2023-24497,CVE-2023-24496 SUMMARY Cross-site scripting xss vulnerabilities exist in the requestHandlers.js detaildevice...

CVE-2023-34599

Multiple Cross-Site Scripting XSS vulnerabilities have been identified in Gibbon v25.0.0, which enable attackers to execute arbitrary Javascript code...

CVE-2023-34599

Multiple Cross-Site Scripting XSS vulnerabilities have been identified in Gibbon v25.0.0, which enable attackers to execute arbitrary Javascript code...

Cross site scripting

Multiple Cross-Site Scripting XSS vulnerabilities have been identified in Gibbon v25.0.0, which enable attackers to execute arbitrary Javascript code...

CVE-2023-34599

Multiple Cross-Site Scripting XSS vulnerabilities have been identified in Gibbon v25.0.0, which enable attackers to execute arbitrary Javascript code...

CVE-2023-34599

Multiple Cross-Site Scripting XSS vulnerabilities have been identified in Gibbon v25.0.0, which enable attackers to execute arbitrary Javascript code...

CVE-2023-34835

A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary JavaScript code via a vulnerable deletefile parameter...

CVE-2023-26274

IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 248144...

Cross site scripting

A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary JavaScript code via a vulnerable deletefile parameter...

Cross site scripting

IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 248144...

CVE-2023-34835

A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary JavaScript code via a vulnerable deletefile parameter...

PT-2023-23736 · Ibm · Ibm Business Automation Workflow

Name of the Vulnerable Software and Affected Versions: IBM Business Automation Workflow affected versions not specified Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure withi...

CVE-2023-34835

A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary JavaScript code via a vulnerable deletefile parameter...

Acronis: [oem.acronis.com] Reflected Cross Site Scripting

The researcher discovered a reflected cross-site scripting XSS vulnerability on the oem.acronis.com website. The vulnerability was found on the /test/testenv.html page, where user-supplied input was not properly sanitized, allowing the execution of arbitrary JavaScript code...

PT-2023-24940 · Gibbon · Gibbon

Name of the Vulnerable Software and Affected Versions: Gibbon version 25.0.0 Description: Multiple Cross-Site Scripting XSS vulnerabilities have been identified, which enable attackers to execute arbitrary Javascript code. Recommendations: For Gibbon version 25.0.0, at the moment, there is no...