3245 matches found
Cross-site Scripting (XSS)
Overview rails is an opensource MVC web framework. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the autolink function in Rails. Details Cross-site scripting or XSS is a code vulnerability that occurs when an attacker “injects” a malicious script into an otherwi...
Cross site scripting
A persistent Cross-Site Scripting XSS vulnerability in Juniper Networks Junos OS on SRX Series, J-Web interface may allow a remote authenticated user to inject persistent and malicious scripts. An attacker can exploit this vulnerability to steal sensitive data and credentials from a web...
CVE-2021-25968
In “OpenCMS”, versions 10.5.0 to 11.0.2 are affected by a stored XSS vulnerability that allows low privileged application users to store malicious scripts in the Sitemap functionality. These scripts are executed in a victim’s browser when they open the page containing the vulnerable field...
Cross site scripting
In “OpenCMS”, versions 10.5.0 to 11.0.2 are affected by a stored XSS vulnerability that allows low privileged application users to store malicious scripts in the Sitemap functionality. These scripts are executed in a victim’s browser when they open the page containing the vulnerable field...
CVE-2021-25968 OpenCMS - Stored Cross-Site Scripting (XSS) in Sitemap
In “OpenCMS”, versions 10.5.0 to 11.0.2 are affected by a stored XSS vulnerability that allows low privileged application users to store malicious scripts in the Sitemap functionality. These scripts are executed in a victim’s browser when they open the page containing the vulnerable field...
Cross-site Scripting (XSS) - Reflected in dmpop/mejiro
Description From OWASP : : Cross-Site Scripting XSS attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script...
Cross-site Scripting (XSS) - Reflected in mariotti94/webrisc-v
Description Cross-Site Scripting XSS attacks are a type of injection, in which malicious scripts are injected into websites. An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execut...
Cross-site Scripting (XSS) - Stored in jspark311/buriedunderthenoisefloor
Description Cross-Site Scripting XSS attacks are a type of injection, in which malicious scripts are injected into websites. An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execut...
IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability (CNVD-2021-87016)
IBM Sterling B2B Integrator is a suite of software from IBM that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with different partner communities. IBM Sterling B2B Integrator Standard Edition has a cross-site...
Cross-site Scripting (XSS) - Stored in yeswiki/yeswiki
Description Cross-Site Scripting XSS attacks are a type of injection, in which malicious scripts are injected into websites. An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execut...
Cross-site Scripting (XSS) - Reflected in yeswiki/yeswiki
Description Cross-Site Scripting XSS attacks are a type of injection, in which malicious scripts are injected into websites. An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execut...
Cross-site Scripting (XSS) - Reflected in craigk5n/webcalendar
Description Cross-Site Scripting XSS attacks are a type of injection, in which malicious scripts are injected into websites. An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execut...
Cross-site Scripting (XSS) - Stored in craigk5n/webcalendar
Description Cross-Site Scripting XSS attacks are a type of injection, in which malicious scripts are injected into websites. An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execut...
Cross-site Scripting (XSS) - Reflected in collectiveaccess/providence
Description: Cross-Site Scripting XSS attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites Proof of Concept // PoC.js POC --...
Cross-site Scripting (XSS) - Reflected in opensourcepos/opensourcepos
Description Cross-Site Scripting XSS attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites Proof of Concept // PoC POST Request: https://demo.opensourcepos.org/messages/send/ Data:...
Cross site scripting
The vCenter Server contains a reflected cross-site scripting vulnerability due to a lack of input sanitization. An attacker may exploit this issue to execute malicious scripts by tricking a victim into clicking a malicious link...
CVE-2021-22016
CVE-2021-22016 affects VMware vCenter Server and involves a reflected cross-site scripting (XSS) vulnerability caused by insufficient input sanitization. An attacker could lure a user to click a crafted link and have malicious scripts run in the victim’s browser. Public details in connected sourc...
Cross-site Scripting (XSS) - Stored in zikula-modules/mediamodule
Description Cross-Site Scripting XSS attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. Proof of Concept // PoC.js Steps to reproduce : 1 -- Go to link -- https://demo.ziku.la/media/media/create/paste/url 2 -- Inject Payload in...
Cross-site Scripting (XSS) - Reflected in zikula/core
Description Cross-Site Scripting XSS attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites Proof of Concept // PoC Request: POST /permissions/test HTTP/1.1 Host: demo.ziku.la Cookie: zsid=qk60gkn4dmhgrjc6io2kt3dij4 User-Agent:...
Cross-site Scripting (XSS) - Reflected in dmpop/mejiro
Description Cross-Site Scripting XSS attacks are a type of injection, in which malicious scripts are injected into websites. An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execut...