4 matches found
CVE-2021-43960
Lorensbergs Connect2 3.13.7647.20190 is affected by an XSS vulnerability. Exploitation requires administrator privileges and is performed through the Wizard editor of the application. The attack requires an administrator to go into the Wizard editor and enter an XSS payload within the Page title,...
Cross site scripting
DISPUTED Lorensbergs Connect2 3.13.7647.20190 is affected by an XSS vulnerability. Exploitation requires administrator privileges and is performed through the Wizard editor of the application. The attack requires an administrator to go into the Wizard editor and enter an XSS payload within the Pa...
CVE-2021-43960
Lorensbergs Connect2 3.13.7647.20190 is affected by a cross-site scripting (XSS) vulnerability. An administrator can inject an XSS payload through the Wizard editor by entering it in fields such as Page title, Page Instructions, Text before, Text after, or Text on side box and saving; the payload...
CVE-2007-3484
Cross-site scripting XSS vulnerability in search.php in Google Custom Search Engine allows remote attackers to inject arbitrary web script or HTML via the q parameter. NOTE: this issue is disputed by the Google Security Team, who states that "Google does not provide the 'search.php' script...