CVE-2025-12776

The Report Builder component of the application stores user input directly in a web page and displays it to other users, which raised concerns about a possible Cross-Site Scripting XSS attack. Proper management of this functionality helps ensure a secure and seamless user experience. Although the...

EUVD-2025-206259

The Report Builder component of the application stores user input directly in a web page and displays it to other users, which raised concerns about a possible Cross-Site Scripting XSS attack. Proper management of this functionality helps ensure a secure and seamless user experience. Although the...

CVE-2025-12776

The Report Builder component of the application stores user input directly in a web page and displays it to other users, which raised concerns about a possible Cross-Site Scripting XSS attack. Proper management of this functionality helps ensure a secure and seamless user experience. Although the...

CVE-2025-12776

The Report Builder component of the application stores user input directly in a web page and displays it to other users, which raised concerns about a possible Cross-Site Scripting XSS attack. Proper management of this functionality helps ensure a secure and seamless user experience. Although the...

CVE-2025-12776

The CVE-2025-12776 case concerns the WebConsole Report Builder, where user input is stored directly in a web page and displayed to others, enabling a stored XSS risk. The issue is triggered when a user with edit permissions modifies a report; running the report does not execute the scripts, but e...

CVE-2025-12776 Stored Cross-Site Scripting

The Report Builder component of the application stores user input directly in a web page and displays it to other users, which raised concerns about a possible Cross-Site Scripting XSS attack. Proper management of this functionality helps ensure a secure and seamless user experience. Although the...

CVE-2025-12776 Stored Cross-Site Scripting

The Report Builder component of the application stores user input directly in a web page and displays it to other users, which raised concerns about a possible Cross-Site Scripting XSS attack. Proper management of this functionality helps ensure a secure and seamless user experience. Although the...

PT-2026-1700

Name of the Vulnerable Software and Affected Versions WebConsole affected versions not specified Description The Report Builder component stores user input directly into a web page and displays it to other users, potentially leading to a Cross-Site Scripting XSS attack. The scripts are executed...

EUVD-2018-12218

Malware in sbrugna...

EUVD-2015-7388

Malware in sbrugna...

EUVD-2019-9556

Malware in sbrugna...

CVE-2019-19968

PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting the Agent Management, Report Builder, and Graph Builder components. An authenticated user can inject dangerous content into a data store that is later read and included in dynamic content...

airtestproject (>=0.1.0 <=0.1.2), centercitypcs-utils (>=0.2.0 <=0.2.6) +22 more potentially affected by CVE-2017-5992 via openpyxl (>=1.1.0 <=2.4.11)

openpyxl PYPI version =1.1.0, =0.1.0, =0.2.0, =0.9.2, =3.1.10, =0.8.2, =0.2.0, =2.0.2, =0.260128.9, =1.3.0, =4.2.1, =0.1.0, =0.9.0, =0.10.1 and more Source cves: CVE-2017-5992 Source advisory: OSV:GHSA-CHQF-HX79-GXC6...

Security Bulletin: Security vulnerability affects the Report Builder that is shipped with Jazz Reporting Service (CVE-2021-20535)

Summary There is a security vulnerability in the Report Builder shipped with Jazz Reporting Service. Vulnerability Details CVEID: CVE-2021-20535 DESCRIPTION: IBM Jazz Reporting Service is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized...

Security Bulletin: Security vulnerability affects the Report Builder that is shipped with Jazz Reporting Service (CVE-2020-4933)

Summary There is a security vulnerability in the Report Builder shipped with Jazz Reporting Service. Vulnerability Details CVEID: CVE-2020-4933 DESCRIPTION: IBM Jazz Reporting Service is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the...

Security Bulletin: Security vulnerability affects the Report Builder that is shipped with Jazz Reporting Service (CVE-2020-4718)

Summary There is a security vulnerability in the Report Builder shipped with Jazz Reporting Service. Vulnerability Details CVEID: CVE-2020-4718 DESCRIPTION: IBM Jazz Reporting Service is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code ...

Security Bulletin: Security vulnerability affects the Report Builder that is shipped with Jazz Reporting Service (CVE-2020-4541)

Summary There is a security vulnerability in the Report Builder shipped with Jazz Reporting Service. Vulnerability Details CVEID: CVE-2020-4541 DESCRIPTION: IBM Jazz Reporting Service is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the...

IBM Jazz Reporting Service Cross-Site Scripting Vulnerability (CNVD-2020-30833)

IBM Jazz Reporting Service JRS is a suite of ready-to-use reporting components from IBM in the United States. The product includes features such as report generation, data collection and lifecycle queries. A cross-site scripting vulnerability exists in Report Builder in IBM JRS versions 7.0,...

Security Bulletin: Security vulnerability affects the Report Builder that is shipped with Jazz Reporting Service (CVE-2020-4419)

Summary There is a security vulnerability in the Report Builder shipped with Jazz Reporting Service. Vulnerability Details CVEID: CVE-2020-4419 DESCRIPTION: IBM Jazz Reporting Service is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the...

CVE-2019-19968

PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting the Agent Management, Report Builder, and Graph Builder components. An authenticated user can inject dangerous content into a data store that is later read and included in dynamic content...