Cross site scripting

A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due...

Cross site scripting

A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain...

User Access Manager <= 2.0.8 - Authenticated Reflected Cross-Site Scripting (XSS)

Not patched in 2.0.0 despite what the advisory states. PoC http://www.example.com/wp-admin/admin.php?page=uamusergroupaction=editusergroup=1%22%3E%3Cimg+src%3Dx+onerror%3Dalert%281%29%3E%3C%22...

CVE-2016-9457

Revive Adserver before 3.2.3 suffers from Reflected XSS. www/admin/stats.php is vulnerable to reflected XSS attacks via multiple parameters that are not properly sanitised or escaped when displayed, such as setPerPage, pageId, bannerid, periodstart, periodend, and possibly others...

CVE-2016-1000126

Reflected XSS in wordpress plugin admin-font-editor v1.8...

Mail.ru: XSS in https://e.mail.ru/cgi-bin/lstatic (Limited use)

Искал, своими методами, урлы с возможными уязвимостями. Используя google dork: site:mail.ru inurl:ajaxcall, нашёл вот такой: https://e.mail.ru/cgi-bin/lstatic?ajaxcall=1&x-email=oblaka63%40mail.ru&get=balloon&name=14&lang=ruRU&SpamBallonExp=0&SettingsOn=1&staticDomainName=imgsmail.ru Сразу привлё...

Reflected XSS in Create Issue Details page

The Create Issue Detail page is vulnerable to reflected XSS. 1. Login to https://$JIRA/ 2. Visit https://$JIRA/secure/CreateIssueDetails.jspa?reporter="alert'XSS'alert'XSS'p+name%3D"&pid=10000&issuetype=2...

XSS (reflected) in fieldsKeys parameter of GHCreateNewIssue.jspa

Targets: https://test01.jira-dev.com/secure/GHCreateNewIssue.jspa?key=&issueType=7&fieldsKeys=priority,customfield10006,summary,fixVersions,components,customfield10005,assignee,customfield10004,reporter,customfield100039fd29alert'XSS'15d31825f8e9d6606&fieldsValues=1@%@...

XSS Vulnerability in Facebook Translations !

Summary The Facebook Translations tool's search feature was vulnerable to a simple reflected XSS attack. How did it work? The Translations tool allows users to perform phrase searches within translations. In this case, when a search query returned 0 results, the script displayed a message "Your...

Project Forum 6.5.2.2978 Cross Site Request Forgery / Cross Site Scripting

!--========================================================================================================= //\ /\ /\ /\ /\ /\ ///\ //\ /\ /\///\ // \ // //\ \ / //\ \ / // //\ \ /\\ \ \ \ / / / / // \ \ // // // // \ // //\ \\ \ // /// \ \ / \ / // / // / / / / / \ \ / / / ...