EMC RSA Certificate Manager and RSA Registration Manager Cross-Site Scripting Vulnerability (CNVD-2015-01665)

EMC RSA Certificate Manager RCM and RSA Registration Manager RRM are both products of EMC Corporation, RCM is a digital certificate management system that provides automated implementation of encryption key and digital certificate management, and RRM is a certificate registration management syste...

OpenKM Cross-Site Scripting Vulnerability

OpenKM is a document management system from OpenKM Spain. The system provides features such as version control, document history and file sharing. A cross-site scripting vulnerability exists in OpenKM version 6.4.18 build 23338, which stems from a frontend/index.jsp script that fails to adequatel...

jquery-ui: XSS vulnerability in jQuery.ui.dialog title option

Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option...

Multiple Cross-Site Scripting Vulnerabilities in PNMsoft Sequence Kinetics

PNMsoft Sequence Kinetics is a next-generation business process management suite released by Israel-based PNMsoft that enables rapid establishment of high-availability workflow applications and close human collaboration on change while maintaining lifecycle governance. Multiple cross-site scripti...

Cross-site Scripting Vulnerability in JP1/IT Desktop Management - Manager and Hitachi IT Operations Director

Overview A cross-site scripting vulnerability was found in the online help of JP1/IT Desktop Management - Manager and Hitachi IT Operations Director. Impact Remote users can exploit a cross-site scripting vulnerability to execute malicious scripts. Solution Please refer to the 'Vendor Information...

CVE-2015-2088

Cross-site scripting XSS vulnerability in unspecified administration pages in the Term Queue module before 6.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

IBM Tivoli Endpoint Manager Web Reports Component Cross-Site Scripting Vulnerability

IBM Tivoli Endpoint Manager provides a unified, real-time visualization and implementation approach to deploying and managing patches to all endpoints. A cross-site scripting vulnerability in the Web Reports component of IBM Tivoli Endpoint Manager version 9.1.1229 prior to 9.1 can be exploited b...

McAfee Data Loss Prevention Endpoint Cross-Site Scripting Vulnerability

McAfee Data Loss Prevention Endpoint is an integrated endpoint data protection solution from McAfee. The solution prevents theft and accidental disclosure of confidential data and provides security policies for file handling and transfer, shared endpoint data flow control and data encryption. A...

JSF: XSS due to insufficient escaping of user-supplied content in outputText tags and EL expressions

It was found that Mojarra JavaServer Faces did not properly escape user-supplied content in certain circumstances. Contents of outputText tags and raw EL expressions that immediately follow script or style elements were not escaped. A remote attacker could use a specially crafted URL to execute...

Cross-site Scripting Vulnerability in Hitachi Application Server Help

Overview Hitachi Application Server Help contains a cross-site scripting vulnerability. Impact A remote attacker can exploit this vulnerability to execute malicious scripts. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

Multiple Hitachi Products Online Help System Cross-Site Scripting Vulnerabilities

Hitachi Device Manager is a product of Hitachi, Japan. Hitachi Device Manager is a set of mobile device management software; Tiered Storage Manager is a set of tiered storage management software that can transparently migrate data between heterogeneous storage tiers; Replication Manager is a set ...

Mrs. Shiromuku Perl CGI shiromuku(u1) GUESTBOOK Cross-Site Scripting Vulnerability

Mrs. Shiromuku Perl CGI shiromukuu1 GUESTBOOK is a message board software. A cross-site scripting vulnerability exists in Mrs. Shiromuku Perl CGI shiromukuu1GUESTBOOK version 1.62 and earlier. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

Plain Black WebGUI 'style-underground/search' cross-site scripting vulnerability

WebGUI is a CMS Content Management System software that is mainly used to facilitate the publishing and maintenance of website content. A cross-site scripting vulnerability exists in Plain Black WebGUI 'style-underground/search'. This allows remote attackers to execute arbitrary web script or HTM...

EUVD-2015-1559

Multiple cross-site scripting XSS vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote attackers to inject arbitrary web script or HTML via the 1 horder, 2 jakcatid, 3 jakcontent, 4 jakcss, 5 jakdeletelog, 6 jakemail, 7 jakextfile, 8 jakfile, 9 jakhookshow, 10 jakimg, 11 jakjavascript, 12...

CVE-2014-9649

Cross-site scripting XSS vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary web script or HTML via the path info to api/, which is not properly handled in an error message...

DEBIAN-CVE-2014-9649

Cross-site scripting XSS vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary web script or HTML via the path info to api/, which is not properly handled in an error message...

Pivotal Software RabbitMQ management plugin cross-site scripting vulnerability

Pivotal Software RabbitMQ is a British company Pivotal Software's set of implementation of the Advanced Message Queuing Protocol AMQP open source messaging agent software. rabbitMQ management is one of the management plug-in . A cross-site scripting vulnerability exists in the Pivotal Software...

MediaWiki Listings Extension Cross-Site Scripting Vulnerability

MediaWiki is a Wiki program. The MediaWiki Listings page fails to adequately filter the 'name' or 'url' parameter, which can be exploited by remote attackers to inject arbitrary web script or HTML...

Wordpress plugin Joomlaskin JS Multi Hotel cross-site scripting vulnerability

WordPress is a blogging platform developed by WordPress Software Foundation using the PHP language, which supports setting up personal blog sites on servers with PHP and MySQL.Joomlaskin JS Multi Hotel plugin is a hotel management plugin. A cross-site scripting vulnerability in the Wordpress plug...

ProjectSend Cross-Site Scripting Vulnerability

ProjectSend is a use of php to achieve the management of the project to send , based on ftp project management aspects of php source code to achieve . ProjectSend has a cross-site scripting vulnerability that allows remote attackers to inject arbitrary web script or HTML into the file upload...