CVE-2020-15275

Removed by vendor...

Adobe Connect Cross-Site Scripting Vulnerability (CNVD-2020-63001)

Adobe Connect is an online video conferencing software. A reflected cross-site scripting vulnerability exists in Adobe Connect 11.0 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary JavaScript in a browser...

Adobe Connect Cross-Site Scripting Vulnerability (CNVD-2020-63000)

Adobe Connect is an online video conferencing software. A reflected cross-site scripting vulnerability exists in Adobe Connect 11.0 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary JavaScript in a browser...

Vulnerabilities fixed in Adobe Connect

Adobe has fixed two vulnerabilities in Adobe Connect. A malicious party can use these vulnerabilities to launch a cross-site scripting XSS attack, thus setting up arbitrary javascript code with the victim's privileges. Adobe has released updates to fix the vulnerabilities in Connect 11.0.5. For...

UBUNTU-CVE-2020-15275

MoinMoin is a wiki engine. In MoinMoin before version 1.9.11, an attacker with write permissions can upload an SVG file that contains malicious javascript. This javascript will be executed in a user's browser when the user is viewing that SVG file on the wiki. Users are strongly advised to upgrad...

Input validation

Acrobat Reader DC versions 2020.012.20048 and earlier, 2020.001.30005 and earlier and 2017.011.30175 and earlier and Adobe Acrobat Pro DC 2017.011.30175 and earlier are affected by an improper input validation vulnerability that could result in arbitrary JavaScript execution in the context of the...

CVE-2020-24432

CVE-2020-24432 applies to Adobe Acrobat/Reader affected by an improper input validation vulnerability that could allow arbitrary JavaScript execution in the context of the current user. Affected products include Acrobat Reader DC 2020.012.20048 and earlier, 2020.001.30005 and earlier, 2017.011.30...

QNAP Systems TS-870 Cross-Site Scripting Vulnerability

QNAP Systems TS-870 is a NAS Network Attached Storage appliance from China Weilian QNAP Systems. A cross-site scripting vulnerability exists in the QNAP Systems TS-870 using firmware version 4.3.4.0486. An attacker could exploit the vulnerability to execute arbitrary JavaScript code...

Adobe Acrobat < 2017.011.30180 / 2020.001.30010 / 2020.013.20064 Multiple Vulnerabilities (APSB20-67) (macOS)

The version of Adobe Acrobat installed on the remote macOS host is a version prior to 2017.011.30180, 2020.001.30010, or 2020.013.20064. It is, therefore, affected by multiple vulnerabilities. - Acrobat Reader DC versions 2020.012.20048 and earlier, 2020.001.30005 and earlier and 2017.011.30175 a...

Adobe Acrobat and Reader Input Validation Improperity Vulnerability

Adobe Acrobat is a PDF editing software developed by Adobe.Adobe Reader also known as Acrobat Reader is a PDF file reader developed by Adobe. Adobe Acrobat and Reader have an improper input validation vulnerability. An attacker can exploit this vulnerability to achieve arbitrary JavaScript...

Adobe Acrobat 2017 Security Update (APSB20-67) - Windows

Adobe Acrobat 2017 is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

Adobe Acrobat 2017 Security Update (APSB20-67) - Mac OS X

Adobe Acrobat 2017 is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

CVE-2020-24432

Acrobat Reader DC versions 2020.012.20048 and earlier, 2020.001.30005 and earlier and 2017.011.30175 and earlier and Adobe Acrobat Pro DC 2017.011.30175 and earlier are affected by an improper input validation vulnerability that could result in arbitrary JavaScript execution in the context of the...

CVE-2020-26211

In BookStack

CVE-2020-26210

In BookStack before version 0.30.4, a user with permissions to edit a page could add an attached link which would execute untrusted JavaScript code when clicked by a viewer of the page. Dangerous content may remain in the database after this update. If you think this could have been exploited the...

Code injection

In BookStack before version 0.30.4, a user with permissions to edit a page could add an attached link which would execute untrusted JavaScript code when clicked by a viewer of the page. Dangerous content may remain in the database after this update. If you think this could have been exploited the...

PT-2020-5775 · Moinmoin +2 · Moinmoin +2

Name of the Vulnerable Software and Affected Versions: MoinMoin versions prior to 1.9.11 Description: The issue is related to the insufficient protection measures of web page structures in the MoinMoin wiki platform, specifically concerning the upload of SVG files. An attacker with write...

CVE-2020-5932

On BIG-IP ASM 15.1.0-15.1.0.5, a cross-site scripting XSS vulnerability exists in the BIG-IP ASM Configuration utility response and blocking pages. An authenticated user with administrative privileges can specify a response page with any content, including JavaScript code that will be executed wh...

CVE-2020-5932

On BIG-IP ASM 15.1.0-15.1.0.5, a cross-site scripting XSS vulnerability exists in the BIG-IP ASM Configuration utility response and blocking pages. An authenticated user with administrative privileges can specify a response page with any content, including JavaScript code that will be executed wh...

Apple Safari Arbitrary javascript Code Execution Vulnerability

Apple Safari is a web browser from Apple, Inc. and is the default browser that comes with the Mac OS X and iOS operating systems. An arbitrary javascript code execution vulnerability exists in Safari versions prior to 13.0.5. The vulnerability stems from a problem with custom URL scheme handling...