5946 matches found
Racom 跨站脚本漏洞
The RACOM M!DGE is a cellular router designed for SCADA and telemetry mission-critical applications and is ideally suited for many different wireless applications. A cross-site scripting vulnerability exists in the RACOM M!DGE firmware version 4.4.40.105. The vulnerability can be exploited by an...
CVE-2021-21029
Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier and 2.3.6 and earlier are affected by a Reflected Cross-site Scripting vulnerability via 'file' parameter. Successful exploitation could lead to arbitrary JavaScript execution in the victim's browser. Access to the admin console is required...
CVE-2021-21030
Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier and 2.3.6 and earlier are vulnerable to a stored cross-site scripting XSS in the customer address upload feature. Successful exploitation could lead to arbitrary JavaScript execution in the victim's browser. Exploitation of this issue...
Cross site scripting
Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier and 2.3.6 and earlier are vulnerable to a stored cross-site scripting XSS in the customer address upload feature. Successful exploitation could lead to arbitrary JavaScript execution in the victim's browser. Exploitation of this issue...
Cross site scripting
Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier and 2.3.6 and earlier are vulnerable to a stored cross-site scripting vulnerability in the admin console. Successful exploitation could lead to arbitrary JavaScript execution in the victim's browser. Access to the admin console is required...
CVE-2021-21029 Magento Commerce Reflected Cross-site Scripting Vulnerability Could Lead To Arbitrary JavaScript Execution
Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier and 2.3.6 and earlier are affected by a Reflected Cross-site Scripting vulnerability via 'file' parameter. Successful exploitation could lead to arbitrary JavaScript execution in the victim's browser. Access to the admin console is required...
CVE-2021-21030 Magento Commerce Stored Cross-site Scripting Could Lead To Arbitrary Javascript Execution
Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier and 2.3.6 and earlier are vulnerable to a stored cross-site scripting XSS in the customer address upload feature. Successful exploitation could lead to arbitrary JavaScript execution in the victim's browser. Exploitation of this issue...
Adobe Magento Cross-Site Scripting Vulnerability (CNVD-2021-13923)
Adobe Magento is Adobe's one with PHP written in open source e-commerce platform.Magento Community Edition is the community edition, later renamed Magento Open Source, Magento Enterprise Edition is the enterprise edition, later renamed Magento Magento Enterprise Edition is the enterprise edition,...
Adobe Magento Cross-Site Scripting Vulnerability (CNVD-2021-13918)
Adobe Magento is Adobe's one with PHP written in open source e-commerce platform.Magento Community Edition is the community edition, later renamed Magento Open Source, Magento Enterprise Edition is the enterprise edition, later renamed Magento Magento Enterprise Edition is the enterprise edition,...
CVE-2020-22841
Stored XSS in b2evolution CMS version 6.11.6 and prior allows an attacker to perform malicious JavaScript code execution via the plugin name input field in the plugin module...
CVE-2020-22841
Stored XSS in b2evolution CMS version 6.11.6 and prior allows an attacker to perform malicious JavaScript code execution via the plugin name input field in the plugin module...
Cross site scripting
Stored XSS in b2evolution CMS version 6.11.6 and prior allows an attacker to perform malicious JavaScript code execution via the plugin name input field in the plugin module...
CVE-2020-22841
CVE-2020-22841 concerns a Stored XSS vulnerability in b2evolution CMS versions up to and including 6.11.6 . The flaw arises in the plugin module’s plugin name input field , where malicious JavaScript can be stored and later executed by other users. Public references document this as a stored XSS ...
Adobe Magento 跨站脚本漏洞
Adobe Magento is Adobe's one with PHP written in open source e-commerce platform.Magento Community Edition is the community edition, later renamed Magento Open Source, Magento Enterprise Edition is the enterprise edition, later renamed Magento Magento Enterprise Edition is the enterprise edition,...
The vulnerability of Adobe Experience Manager’s content and media management system lies in its lack of protection for website structures. This allows attackers to execute arbitrary JavaScript code in the user’s browser.
The vulnerability of the Adobe Experience Manager content and media management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary JavaScript code in the user’s browser remotely...
The vulnerability of Adobe Experience Manager’s content and media management system lies in its lack of protection for website structures. This allows attackers to execute arbitrary JavaScript code in the user’s browser.
The vulnerability of the Adobe Experience Manager content and media management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary JavaScript code in the user’s browser remotely...
The vulnerability of Adobe Experience Manager’s content and media management system lies in its lack of protection for website structures. This allows attackers to execute arbitrary JavaScript code in the user’s browser.
The vulnerability of the Adobe Experience Manager content and media management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary JavaScript code in the user’s browser remotely...
The vulnerability of Adobe Experience Manager’s content and media management system lies in its lack of protection for website structures. This allows attackers to execute arbitrary JavaScript code in the user’s browser.
The vulnerability of the Adobe Experience Manager content and media management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary JavaScript code in the user’s browser remotely...
ExpressionEngine: Stored XSS filter bypass on discussion forum.
A vulnerability was identified and fixed that could have allowed attackers to bypass the XSS filter in the discussion forum, enabling arbitrary JavaScript execution in the victim's browser...
Pryaniki Cross-Site Scripting Vulnerability
Pryaniki is a website building system for building a corporate communication platform from the Russian company Pryaniky. The platform is used for organizing communication within the company, motivational planning, idea management projects and other business processes. Pryaniki 6.44.3 suffers from...