CVE-2024-43737 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-52818 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-52832 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-52834

Adobe Experience Manager (AEM) 6.5.21 and earlier is affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields (CVE-2024-52834). Malicious JavaScript can execute in a victim’s browser when the page containing the vulnerable field is loaded. Connected sources confirm ...

CVE-2024-43734

CVE-2024-43734 affects Adobe Experience Manager (AEM) versions 6.5.21 and earlier with a stored XSS vulnerability in vulnerable form fields. The issue allows injection of malicious scripts that can execute in a victim’s browser when visiting pages containing the affected fields. Exploitation deta...

CVE-2024-52829 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-52829 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-52843 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-43736 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-52841 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-54048

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an unauthenticated attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

CVE-2024-54032

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

IBM Carbon Design System 跨站脚本漏洞

IBM Carbon Design System is a design system for building user interfaces. A cross-site scripting vulnerability exists in IBM Carbon Design System. The vulnerability stems from insufficient validation of user input. An attacker can exploit the vulnerability to embed arbitrary JavaScript code in th...

PT-2024-32413 · Ibm · Ibm Carbon Design System

Name of the Vulnerable Software and Affected Versions: IBM Carbon Design System Carbon Charts versions 0.4.0 through 1.13.16 Description: The issue allows an authenticated user to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to...

CVE-2024-7874

Tungsten Automation Kofax TotalAgility in versions all through 7.9.0.25.0.954 is vulnerable to a Reflected XSS attacks through mfpConnectionId parameter manipulation in a form sent to endpoints "/TotalAgility/Kofax/BrowserDevice/ScanFront.aspx"...

CVE-2024-7875 XSS in Tungsten Automation TotalAgility

Tungsten Automation Kofax TotalAgility in versions all through 7.9.0.25.0.954 is vulnerable to a Reflected XSS attacks through mfpScreenResolutionWidth parameter manipulation in a form sent to an endpoint /TotalAgility/Kofax/BrowserDevice/ScanFront.aspx This allows for injection of a malicious...

CVE-2024-7875

CVE-2024-7875 affects Tungsten Automation (Kofax) TotalAgility up to version 7.9.0.25.0.954. The vulnerability is a Reflected XSS in the ScanFront.aspx endpoints where mfpScreenResolutionWidth is manipulated via POST data. An attacker can inject JavaScript code, leading to information disclosure,...

CVE-2024-7874 XSS in Tungsten Automation TotalAgility

Tungsten Automation Kofax TotalAgility in versions all through 7.9.0.25.0.954 is vulnerable to a Reflected XSS attacks through mfpConnectionId parameter manipulation in a form sent to endpoints "/TotalAgility/Kofax/BrowserDevice/ScanFront.aspx"...

CVE-2024-7874 XSS in Tungsten Automation TotalAgility

Tungsten Automation Kofax TotalAgility in versions all through 7.9.0.25.0.954 is vulnerable to a Reflected XSS attacks through mfpConnectionId parameter manipulation in a form sent to endpoints "/TotalAgility/Kofax/BrowserDevice/ScanFront.aspx"...

CVE-2024-7874

CVE-2024-7874 affects Tungsten Automation TotalAgility versions up to 7.9.0.25.0.954. The vulnerability is a Reflected Cross‑Site Scripting (XSS) via the mfpConnectionId parameter in forms posted to /TotalAgility/Kofax/BrowserDevice/ScanFront.aspx and /TotalAgility/Kofax/BrowserDevice/ScanFrontDe...