99 matches found
PT-2024-10381 · Strapi · Strapi
Name of the Vulnerable Software and Affected Versions: Strapi affected versions not specified Description: The issue is related to a lack of protection measures on web pages, allowing a remote attacker to execute arbitrary JavaScript code by uploading a specially crafted PDF file. Recommendations...
The vulnerability of Adobe Experience Manager’s content and media data management system, which exists due to the lack of measures taken to protect the website structure, allows attackers to execute arbitrary JavaScript code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary JavaScript code remotely...
The vulnerability of Adobe Experience Manager’s content and media data management system, which exists due to the lack of measures taken to protect the website structure, allows attackers to execute arbitrary JavaScript code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary JavaScript code remotely...
The vulnerability of Adobe Experience Manager’s content and media data management system, which exists due to the lack of measures taken to protect the website structure, allows attackers to execute arbitrary JavaScript code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary JavaScript code remotely...
The vulnerability of Adobe Experience Manager’s content and media data management system, which exists due to the lack of measures taken to protect the website structure, allows attackers to execute arbitrary JavaScript code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary JavaScript code remotely...
The vulnerability of Adobe Experience Manager’s content and media data management system, which exists due to the lack of measures taken to protect the website structure, allows attackers to execute arbitrary JavaScript code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary JavaScript code remotely...
The vulnerability of Adobe Experience Manager’s content and media data management system, which exists due to the lack of measures taken to protect the website structure, allows attackers to execute arbitrary JavaScript code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary JavaScript code remotely...
The vulnerability of the web-based collaboration tool for planning, creating, managing, and executing tests at all stages of the IBM Engineering Test Management cycle exists due to the lack of protective measures for the website structure. This allows attackers to execute arbitrary JavaScript code.
The vulnerability of the web-based collaboration tool for planning, creating, managing, and executing tests at all stages of the development cycle in IBM Engineering Test Management exists due to the lack of protective measures for the website structure. Exploiting this vulnerability allows a...
The vulnerability of the Captive Portal function in the PAN-OS operating system allows a intruder to execute arbitrary JavaScript code.
The vulnerability of the Captive Portal function in the PAN-OS operating system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code remotely...
The vulnerability of the XWiki Platform, a platform for creating collaborative web applications, lies in the lack of protective measures for the website structure, allowing attackers to execute arbitrary JavaScript code.
The vulnerability of the XWiki Platform lies in the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code remotely...
SUSE CVE-2023-32193
A vulnerability has been identified in which unauthenticated cross-site scripting XSS in Norman's public API endpoint can be exploited. This can lead to an attacker exploiting the vulnerability to trigger JavaScript code and execute commands remotely...
PT-2023-28839
Name of the Vulnerable Software and Affected Versions Shenzhen TCL Browser TV Web BrowseHere aka com.tcl.browser version 6.65.022 dab24cc6 231221 gp Description The issue allows a remote attacker to execute arbitrary JavaScript code via the com.tcl.browser.portal.browse.activity.BrowsePageActivit...
PT-2023-19912 · Clevertap · Clevertap Cordova Plugin
Name of the Vulnerable Software and Affected Versions: CleverTap Cordova Plugin version 2.6.2 Description: The CleverTap Cordova Plugin does not correctly validate the data coming from deeplinks before using them, allowing a remote attacker to execute JavaScript code in any application that is...
CVE-2023-34835
A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary JavaScript code via a vulnerable deletefile parameter...
DEBIAN-CVE-2023-22665
There is insufficient checking of user queries in Apache Jena versions 4.7.0 and earlier, when invoking custom scripts. It allows a remote user to execute arbitrary javascript via a SPARQL query...
AXIS 207W 跨站脚本漏洞
The AXIS 207W is a web camera from AXIS Sweden. The AXIS 207W network camera suffers from a cross-site scripting vulnerability that originates from a Reflected Cross-Site Scripting XSS vulnerability in the Web Management Portal, which can be exploited by a remote attacker to execute arbitrary...
CVE-2022-4286
A reflected cross-site scripting XSS vulnerability exists in System Diagnostics Manager of B&R Automation Runtime versions =3.00 and =C4.93 that enables a remote attacker to execute arbitrary JavaScript in the context of the users browser session...
The vulnerability of the microprogrammed Ethernet switches Moxa SDS-3008 lies in the insufficient protection of the web page structure, allowing attackers to execute arbitrary JavaScript code.
The vulnerability of the microprogrammed Ethernet switches from Moxa, the SDS-3008 model, is related to insufficient protection of the website structure when processing the Switch Description field in the Switch Information section. Exploiting this vulnerability allows an attacker to execute...
The vulnerability of the microprogrammed Ethernet switches Moxa SDS-3008 lies in the insufficient protection of the web page structure, allowing attackers to execute arbitrary JavaScript code.
The vulnerability of the microprogrammed Ethernet switch software from Moxa, the SDS-3008 model, is related to insufficient protection of the website structure during the processing of the Switch Location field in the Switch Information section. Exploiting this vulnerability allows an attacker to...
CVE-2022-40178
A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...