5805 matches found
CVE-2023-47883
The com.altamirano.fabricio.tvbrowser TV browser application through 4.5.1 for Android is vulnerable to JavaScript code execution via an explicit intent due to an exposed MainActivity...
PT-2023-30655 · Unknown · Com.Yunyi.Smartcamera
Name of the Vulnerable Software and Affected Versions: com.yunyi.smartcamera application through 4.1.9 20231127 for Android Description: The issue allows a remote attacker to execute arbitrary JavaScript code via an implicit intent to the com.ants360.yicamera.activity.WebViewActivity component...
PT-2023-30656 · Unknown · Com.Altamirano.Fabricio.Tvbrowser
Name of the Vulnerable Software and Affected Versions: com.altamirano.fabricio.tvbrowser TV browser application versions through 4.5.1 for Android Description: The issue allows for JavaScript code execution via an explicit intent due to an exposed MainActivity. This could potentially lead to...
PT-2023-28839
Name of the Vulnerable Software and Affected Versions Shenzhen TCL Browser TV Web BrowseHere aka com.tcl.browser version 6.65.022 dab24cc6 231221 gp Description The issue allows a remote attacker to execute arbitrary JavaScript code via the com.tcl.browser.portal.browse.activity.BrowsePageActivit...
vlady-mix TV Browser Security Vulnerability
vlady-mix TV Browser is a web browser for Android TV from vlady-mix. A security vulnerability exists in vlady-mix TV Browser version 4.5.1 and earlier, which stems from an exposed MainActivity and can be exploited by an attacker to execute JavaScript code...
Engelsystem Cross-Site Scripting Vulnerability
Engelsystem is an open source shift planning system from Engelsystem. A cross-site scripting vulnerability exists in versions prior to Englesystem v3.4.1 that stems from insufficient validation of user-supplied data, allowing injection and execution of Javascript code in another user's environmen...
CVE-2023-6769 Stored XSS vulnerability in Amazing Little Poll
Stored XSS vulnerability in Amazing Little Poll, affecting versions 1.3 and 1.4. This vulnerability allows a remote attacker to store a malicious JavaScript payload in the "lpadmin.php" file in the "question" and "item" parameters. This vulnerability could lead to malicious JavaScript execution...
CVE-2023-6769 Stored XSS vulnerability in Amazing Little Poll
Stored XSS vulnerability in Amazing Little Poll, affecting versions 1.3 and 1.4. This vulnerability allows a remote attacker to store a malicious JavaScript payload in the "lpadmin.php" file in the "question" and "item" parameters. This vulnerability could lead to malicious JavaScript execution...
CVE-2023-6769
CVE-2023-6769 affects Amazing Little Poll versions 1.3 and 1.4. A Stored XSS flaw exists in the lp_admin.php file, where attacker-controlled data in the question and item parameters can store a malicious JavaScript payload. This payload could execute as the page loads, per the CVE/NVD description...
Cross Site Scripting (XSS)
malojaserver is vulnerable to Cross Site Scripting XSS attack. The vulnerability arises due to the error page reflecting the missing path to the user. An attacker can execute arbitrary JavaScript in the malojaserver's client context...
Adobe Experience Manager cross-site scripting vulnerability (CNVD-2023-9998791)
Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
CVE-2023-48616
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2023-48615
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2023-48588
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2023-48576
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2023-48574
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2023-48572
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2023-48563
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2023-48554
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2023-48553
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...