
556 matches found

OSV
added 2024/01/25 7:42 p.m. | 27 views

CVE-2024-23817 Dolibarr Application Home Page HTML injection vulnerability

Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) software package. Version 18.0.4 has an HTML injection vulnerability in the Home page of the Dolibarr Application. This vulnerability allows an attacker to inject arbitrary HTML tags and manipulate the rendere...

CVSS 7.1 | AI score 6.4 | EPSS 0.00557
Exploits: 1 | References: 3

Veracode
added 2023/12/26 8:30 a.m. | 29 views

Stored Cross Site Scripting (XSS)

WSO2 is vulnerable to Stored Cross Site Scripting (XSS). The vulnerability is due to improper output encoding. This issue can be exploited by an attacker by injecting malicious JavaScript payloads into the Registry feature of the Management Console...

CVSS 4.8 | AI score 6.1 | EPSS 0.00406
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2023/12/22 6:30 p.m. | 19 views

GHSA-RFQ3-WPJH-PPVG WSO2 Registry Stored Cross Site Scripting (XSS) vulnerability

WSO2 Registry has been identified as vulnerable due to improper output encoding; a Stored Cross Site Scripting (XSS) attack can be carried out by an attacker injecting a malicious payload into the Registry feature of the Management Console...

CVSS 4.8 | AI score 4.8 | EPSS 0.00406
Exploits: 0 | References: 4

Github Security Blog
added 2023/12/22 6:30 p.m. | 32 views

WSO2 Registry Stored Cross Site Scripting (XSS) vulnerability

WSO2 Registry has been identified as vulnerable due to improper output encoding; a Stored Cross Site Scripting (XSS) attack can be carried out by an attacker injecting a malicious payload into the Registry feature of the Management Console...

CVSS 4.8 | AI score 5.8 | EPSS 0.00406
Exploits: 0 | References: 4 | Affected Software: 1

NVD
added 2023/12/18 9:15 a.m. | 20 views

CVE-2023-6911

Multiple WSO2 products have been identified as vulnerable due to improper output encoding; a Stored Cross Site Scripting (XSS) attack can be carried out by an attacker injecting a malicious payload into the Registry feature of the Management Console...

CVSS 4.8 | EPSS 0.00406
Exploits: 0 | References: 1

Prion
added 2023/12/18 9:15 a.m. | 21 views

Cross site scripting

Multiple WSO2 products have been identified as vulnerable due to improper output encoding; a Stored Cross Site Scripting (XSS) attack can be carried out by an attacker injecting a malicious payload into the Registry feature of the Management Console...

CVSS 4.3 | AI score 6.2 | EPSS 0.00406
Exploits: 0 | References: 1 | Affected Software: 9

BDU FSTEC
added 2023/12/12 12:0 a.m. | 2 views

The vulnerability of the macOS iTerm2 terminal emulator relates to a lack of mechanisms for encoding or blocking output data, allowing a hacker to execute arbitrary code.

The vulnerability of the terminal emulator for the macOS operating system, iTerm2, is related to a lack of mechanisms for encoding or blocking output data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 10 | AI score 8.1 | EPSS 0.0118
Exploits: 1 | References: 5 | Affected Software: 1

BDU FSTEC
added 2023/12/01 12:0 a.m. | 3 views

The vulnerability of the event forwarding mechanism in IBM QRadar WinCollect Agent lies in the lack of mechanisms for encoding or shielding output data. This allows attackers to perform arbitrary actions.

The vulnerability of the event forwarding mechanism in IBM QRadar WinCollect Agent is related to the lack of mechanisms for encoding or shielding output data. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

CVSS 3.3 | AI score 7.2 | EPSS 0.00217
Exploits: 0 | References: 4 | Affected Software: 1

NVD
added 2023/11/28 9:15 a.m. | 25 views

CVE-2023-4667

The web interface of the PAC Device allows the device administrator user profile to store malicious scripts in some fields. The stored malicious script is then executed when the GUI is opened by any users of the webserver administration interface. The root cause of the vulnerability is inadequate...

CVSS 8.1 | EPSS 0.00421
Exploits: 0 | References: 1

Prion
added 2023/11/28 9:15 a.m. | 20 views

Input validation

The web interface of the PAC Device allows the device administrator user profile to store malicious scripts in some fields. The stored malicious script is then executed when the GUI is opened by any users of the webserver administration interface. The root cause of the vulnerability is inadequate...

CVSS 4.3 | AI score 6.8 | EPSS 0.00421
Exploits: 0 | References: 1

Vulnrichment
added 2023/11/28 8:9 a.m. | 17 views

CVE-2023-4667 Stored Cross Site Scripting in webserver administration

The web interface of the PAC Device allows the device administrator user profile to store malicious scripts in some fields. The stored malicious script is then executed when the GUI is opened by any users of the webserver administration interface. The root cause of the vulnerability is inadequate...

CVSS 8.1 | AI score 6.6 | EPSS 0.00421
Exploits: 0 | References: 1

Cvelist
added 2023/11/28 8:9 a.m. | 29 views

CVE-2023-4667 Stored Cross Site Scripting in webserver administration

The web interface of the PAC Device allows the device administrator user profile to store malicious scripts in some fields. The stored malicious script is then executed when the GUI is opened by any users of the webserver administration interface. The root cause of the vulnerability is inadequate...

CVSS 8.1 | AI score 8.1 | EPSS 0.00421
Exploits: 0 | References: 1

CNNVD
added 2023/11/28 12:0 a.m. | 3 views

IDEMIA SIGMA Cross-Site Scripting Vulnerability

IDEMIA SIGMA is a slim and powerful touch fingerprint device from IDEMIA, France. A security vulnerability exists in IDEMIA SIGMA, which stems from insufficient input validation and output encoding, and a stored cross-site scripting vulnerability that could lead to unauthorized access and data...

CVSS 8.1 | AI score 5.9 | EPSS 0.00421
Exploits: 0 | References: 1

Positive Technologies
added 2023/11/28 12:0 a.m. | 3 views

PT-2023-30152 · Unknown · Pac Device

Name of the Vulnerable Software and Affected Versions: PAC Device affected versions not specified
Description: The web interface of the PAC Device allows the device administrator user profile to store malicious scripts in some fields. The stored malicious script is then executed when the GUI is...

CVSS 8.1 | AI score 4.8 | EPSS 0.00421
Exploits: 0 | References: 4

Positive Technologies
added 2023/11/23 12:0 a.m. | 4 views

PT-2023-7274 · Ibm · Ibm Qradar Wincollect Agent

Name of the Vulnerable Software and Affected Versions: IBM QRadar WinCollect Agent versions 10.0 through 10.1.7
Description: The issue is related to a lack of proper output encoding or escaping in the IBM QRadar WinCollect Agent, which could allow an attacker to gain unauthorized access to...

CVSS 7.8 | AI score 7.3 | EPSS 0.00217
Exploits: 0 | References: 6

Huntr
added 2023/09/12 11:22 a.m. | 17 views

XSS Vulnerabilities in Search Functionality and Course Tags

Description
1. XSS via Image Error in Search Box: This vulnerability allows an attacker to execute a Cross-Site Scripting (XSS) attack through the search functionality of the web application. When a user performs a search, the application attempts to display an image related to the search query...

CVSS 5.8 | AI score 6.1 | EPSS 0.00442
Exploits: 1 | References: 1

CNNVD
added 2023/09/12 12:0 a.m. | 3 views

Wing FTP Server Security Vulnerability

Wing FTP Server is a cross-platform FTP server software. A security vulnerability exists in Wing FTP Server 7.2.0 and prior versions, which stems from an incorrect output encoding of the User Web Client, resulting in a cross-site scripting (XSS) vulnerability...

CVSS 5.4 | AI score 5.9 | EPSS 0.00249
Exploits: 0 | References: 2

OSV
added 2023/08/03 3:15 p.m. | 3 views

CVE-2023-39096

WebBoss.io CMS v3.7.0.1 contains a stored Cross-Site Scripting (XSS) vulnerability due to lack of input validation and output encoding...

CVSS 5.4 | AI score 5.8 | EPSS 0.00289
Exploits: 0 | References: 1

ATTACKERKB
added 2023/08/03 3:15 p.m. | 3 views

CVE-2023-39096

WebBoss.io CMS v3.7.0.1 contains a stored Cross-Site Scripting (XSS) vulnerability due to lack of input validation and output encoding...

CVSS 5.4 | AI score 6.1 | EPSS 0.00289
Exploits: 0 | References: 2

Vulnrichment
added 2023/08/03 12:0 a.m. | 11 views

CVE-2023-39096

WebBoss.io CMS v3.7.0.1 contains a stored Cross-Site Scripting (XSS) vulnerability due to lack of input validation and output encoding...

AI score 5.7 | EPSS 0.00289
Exploits: 0 | References: 1