Multiple Apple products WebKit cross-site scripting vulnerability (CNVD-2018-21002)

Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser shipped with the Mac OS X and iOS operating systems. iTunes for Windows is a media player and application for the Windows platform. WebKit is one of the web browser engine components...

SAP NetWeaver WebDynpro Java Cross-Site Scripting Vulnerability

SAP Enterprise Financial Services is a set of enterprise financial services solutions from SAP. A cross-site scripting vulnerability exists in SAP NetWeaver, which arises from a failure to properly sanitize user-supplied input and can be exploited by a remote attacker to execute arbitrary script...

Cisco Tetration Analytics Cross-Site Scripting Vulnerability

Cisco Tetration Analytics is a hybrid cloud workload protection solution. The product features trust whitelisting, software vulnerability detection and network performance monitoring. A cross-site scripting vulnerability exists in the web-based management interface in Cisco Tetration Analytics,...

Cisco Small Business 300 Series (Sx300) Managed Switches Cross-Site Scripting Vulnerability

Cisco Small Business 300 Series Sx300 Managed Switches is a 300 series switch device from the American company Cisco Cisco. A cross-site scripting vulnerability exists in the web-based management interface of the Cisco Small Business 300 Series Sx300 Managed Switches, which stems from the interfa...

CA API Developer Portal Cross-Site Scripting Vulnerability (CNVD-2018-17503)

CA API Developer Portal is a set of CA's API Application Programming Interface query function for software developers. A cross-site scripting vulnerability exists in CA API Developer Portal version 4.x, versions prior to 4.2.5.3, and versions prior to 4.2.7.1, which originates when the program...

IBM Rational DOORS Next Generation Cross-Site Scripting Vulnerability

IBM Rational DOORS Next Generation DNG/RRC is a suite of software for capturing, tracking, analyzing, and managing requirements from IBM, USA. The software provides a single platform for global team collaboration to manage requirements more efficiently, sharing unified users, servers and project...

Subrion cross-site scripting vulnerability (CNVD-2018-14782)

Subrion CMS is a PHP-based content management system CMS developed by the Subrion team. The system can be integrated into a website and supports a wide range of extensions plug-ins and more. A cross-site scripting vulnerability exists in uploads/.htaccess in Subrion CMS version 4.2.1, which stems...

Cisco Webex Cross-Site Scripting Vulnerability (CNVD-2018-14204)

Cisco WebEx is the United States Cisco Cisco company's set of Web conferencing tools, the tool can assist off-site office workers to coordinate and collaborate.WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging IM. A cross-site scripting...

Microsoft Active Directory Federation Services Cross-Site Scripting Vulnerability

Microsoft Active Directory Federation Services ADFS is an Active Directory Federation Service from Microsoft. The service provides Web Single Sign-On SSO technology, which enables authentication of a user to multiple websites or applications during a single session. A cross-site scripting...

Mozilla Firefox Cross-Site Scripting Vulnerability (CNVD-2018-12400)

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A cross-site scripting vulnerability exists in Mozilla Firefox versions prior to 59, where the program fails to properly validate user-submitted input. The vulnerability can be exploited by a...

CA Privileged Access Manager Cross-Site Scripting Vulnerability

CA Privileged Access Manager is a privileged access manager from CA USA that centralizes privileged user policies across multiple physical and virtual environments and manages and controls access used to IT resources. A cross-site scripting vulnerability exists in version 2.x of CA Privileged...

CVE-2018-9027

A reflected cross-site scripting vulnerability in CA Privileged Access Manager 2.x allows remote attackers to execute malicious script with a specially crafted link...

Security Bulletin: Multiple vulnerabilities in IBM SPSS Collaboration and Deployment Services

Summary Multiple vulnerabilities exist in IBM SPSS Collaboration and Deployment Services. See the individual descriptions for details. Vulnerability Details VULNERABILITY DETAILS: CVEID: CVE-2013-4044 DESCRIPTION: An authenticated remote attacker can send a HTTP request to retrieve the content of...

Mozilla Firefox Design Vulnerability

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in the Live Bookmark page and PDF reader in versions of Mozilla Firefox prior to 60. A remote attacker can exploit this vulnerability by performing a social...

HPE UCMDB Configuration Manager Software Cross-Site Scripting Vulnerability

HPE UCMDB full name Universal CMDB is the United States Hewlett Packard Enterprise HPE company's set of resource management solutions. The solution provides from the bottom up including IT infrastructure auto-discovery, data modeling, service mapping definition and service impact analysis, etc...

WordPress Imagely NextGEN Gallery Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL.Imagely NextGen Gallery is one of the gallery management systems. A cross-site scripting vulnerability exists in Image Alt &...

Tenable Nessus Cross-Site Scripting Vulnerability (CNVD-2018-10667)

Tenable Network Security Nessus is a highly scalable open source vulnerability scanner from Tenable Network Security, USA. A cross-site scripting vulnerability exists in Tenable Network Security Nessus versions prior to 7.1.0, which stems from the program failing to properly perform input...

Mitel MiVoice Connect Cross-Site Scripting Vulnerability (CNVD-2018-08583)

Mitel MiVoice Connect R1707-PREM and Mitel ST are both products of Mitel Canada.Mitel MiVoice Connect R1707-PREM is a Unified Communications Management Appliance.ST is a videoconferencing product.conferencing is one of the notification components. conferencing is one of the conference notificatio...

Mitel MiVoice Connect Cross-Site Scripting Vulnerability

Mitel MiVoice Connect R1707-PREM and Mitel ST are both products of Mitel Canada.Mitel MiVoice Connect R1707-PREM is a Unified Communications Management Appliance.ST is a videoconferencing product.conferencing is one of the notification components. conferencing is one of the conference notificatio...

Cacti cross-site scripting vulnerability (CNVD-2018-08667)

Cacti is an open source, web-based network monitoring and mapping tool, a front-end application designed for the data logging tool RRDtool. Cacti suffers from a cross-site scripting vulnerability. The vulnerability arises because the getcurrentpage function in lib/functions.php relies on...