CVE-2023-27149

A stored cross-site scripting XSS vulnerability in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when updating a custom list...

Cross-site Scripting (XSS)

Overview concrete5/concrete5 is a concrete5 open source CMS. Affected versions of this package are vulnerable to Cross-site Scripting XSS through the manipulation of the Label argument. An attacker can inject malicious scripts by crafting a specially formatted input that exploits the improper...

CVE-2023-27149

A stored cross-site scripting XSS vulnerability in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when updating a custom list...

Enhancesoft osTicket Cross-Site Scripting Vulnerability

Enhancesoft osTicket is an open source ticketing system from Enhancesoft, USA. A security vulnerability exists in Enhancesoft osTicket v1.17.2. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a specially crafted payload injected into the Label input paramete...

Opennms Group OpenNMS 跨站脚本漏洞

Opennms Group OpenNMS is an open source, enterprise-grade network monitoring and network management platform from the U.S.-based OpenNMS Group Opennms Group. A cross-site scripting vulnerability exists in OpenNMS Horizon and OpenNMS Meridian, which stems from the fact that the function...