WordPress template list view cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports the PHP and MySQL servers to set up a personal blog site. template list view is one of the list view template. A cross-site scripting vulnerability exists in the...

IBM Cúram Social Program Management Cross-Site Scripting Vulnerability (CNVD-2017-33074)

IBM Curam Social Program Management SPM is a suite of social program management solutions from IBM USA. The solution supports the process of end-to-end social program delivery. A cross-site scripting vulnerability exists in IBM Curam SPM. A remote attacker could exploit this vulnerability to inje...

PYSEC-2017-17

Multiple cross-site scripting XSS vulnerabilities in the administration pages in Kallithea before 0.2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 first name or 2 last name user details, or the 3 repository, 4 repository group, or 5 user group description...

SugarCRM Cross-Site Scripting Vulnerability

SugarCRM Professional is a professional version of an open source customer relationship management system CRM from SugarCRM USA. The system supports differentiated marketing for different customer needs, managing and distributing sales leads, and enabling information sharing and tracking of sales...

Kohana Security Component Cross-Site Scripting Vulnerability

Kohana is the Kohana team developed a set of MVC model based on the construction of PHP5 framework. security component is one of the security components . A cross-site scripting vulnerability exists in the Security component of Kohana versions prior to 3.3.6. A remote attacker can inject arbitrar...

dayrui FineCms 'oauth' function cross-site scripting vulnerability

dayrui FineCms is China Tianrui dayrui program design team released a set of content management system CMS using MVC architecture and PDO database interface development. A cross-site scripting vulnerability exists in the 'oauth' function of the controllers/member/api.php file in version 5.0.11 of...

dayrui FineCms 'checktitle' Function Cross-Site Scripting Vulnerability

dayrui FineCms is China Tianrui dayrui program design team released a set of content management system CMS using MVC architecture and PDO database interface development. A cross-site scripting vulnerability exists in the 'checktitle' function in the controllers/member/api.php file in version 5.0....

dayrui FineCms 'out' function cross-site scripting vulnerability

dayrui FineCms is China Tianrui dayrui program design team released a set of content management system CMS using MVC architecture and PDO database interface development. A cross-site scripting vulnerability exists in the 'out' function of the controllers/member/Login.php file in version 5.0.11 of...

ForgeRock OpenIDM Admin UI Cross-Site Scripting Vulnerability

ForgeRock OpenIDM is an extensible set of identity management tools for managing the identity lifecycle and provisioning issues from ForgeRock, Inc. The Admin UI is one of the backend management interfaces. orgeRock OpenID Admin UI is vulnerable to a cross-site scripting vulnerability. A remote...

ONOS Cross-Site Scripting Vulnerability

ONOS is an open source SDN network operating system. A cross-site scripting vulnerability exists in ONOS versions 1.8.0, 1.9.0, and 1.10.0. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

Paessler PRTG Network Monitor Cross-Site Scripting Vulnerability

Paessler PRTG Network Monitor is a full-featured network monitoring and management software from Paessler AG, Germany. A cross-site scripting vulnerability exists in the DEVICES OR SENSORS feature in versions prior to Paessler PRTG Network Monitor 17.3.33.2654. A remote attacker can exploit this...

MISP Cross-Site Scripting Vulnerability

MISP is a suite of open source software solutions for collecting, storing, distributing and sharing cybersecurity metrics and threats cybersecurity event analysis and malware analysis. A cross-site scripting vulnerability exists in the app/View/Helper/CommandHelper.php file in versions of MISP...

CVE-2017-9816

Cross-site scripting XSS vulnerability in Paessler PRTG Network Monitor before 17.2.32.2279 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2017-6776

A vulnerability in the web framework of Cisco Elastic Services Controller ESC could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface. The vulnerability is due to insufficient validation of user-supplied input by the affecte...

Cisco AnyConnect Secure Mobility Client Software Cross-Site Scripting Vulnerability

The Cisco AnyConnect Secure Mobility Client is Cisco's next-generation VPN client. Cisco AnyConnect Secure Mobility Client suffers from a cross-site scripting vulnerability in the WebLaunch feature, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code...

Synology Video Station Cross-Site Scripting Vulnerability

Synology Video Station is a video manager from Synology.Video Metadata Editor is one of the video metadata editors. A cross-site scripting vulnerability exists in Video Metadata Editor in Synology Video Station versions prior to 2.3.0-1435. A remote attacker can exploit the vulnerability to injec...

Liferay Portal CE Cross-Site Scripting Vulnerability (NVD-C-2017-97626)

Liferay Portal is a J2EE-based portal solution from Liferay, Inc. The solution uses EJB as well as JMS and other technologies , and can be used as a Web publishing and sharing workspaces , enterprise collaboration platforms , social networks and so on. A cross-site scripting vulnerability exists ...

Pegasystem PEGA Platform Cross-Site Scripting Vulnerability

Pegasystem PEGA Platform is a suite of application development platforms from Pegasystem UK. The platform is used to develop applications for BPM Business Process Management, Case Management, Real Time Decision Making and CRM Customer Relationship Management. A cross-site scripting vulnerability...

CVE-2017-2285

Cross-site scripting vulnerability in Simple Custom CSS and JS prior to version 3.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

MODX Revolution System Settings Module Cross-Site Scripting Vulnerability

MODX Revolution is the United States MODX company's set of PHP-based open source content management system CMS. The system supports online collaboration , search engine optimization SEO, add-ons , etc. System Settings module is one of the system settings module . A cross-site scripting...