6665 matches found
Python CVE-2019-16935 CRLF Multiple Cross Site Scripting Vulnerabilities
Description Python is prone to multiple cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the...
V-SOL GPON/EPON OLT Platform 2.03 Cross Site Scripting
V-SOL GPON/EPON OLT Platform v2.03 Reflected XSS Vulnerability Vendor: Guangzhou V-SOLUTION Electronic Technology Co., Ltd. Product web page: https://www.vsolcn.com Affected version: V2.03.62RIPv6 V2.03.54R V2.03.52R V2.03.49 V2.03.47 V2.03.40 V2.03.26 V2.03.24 V1.8.6 V1.4 Summary: GPON is...
Cross site scripting
A vulnerability in the web framework code of Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web interface of the affected software. The vulnerability is due to insufficient input validation of some...
Cross site scripting
A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web interface of the affected software using the banner parameter. The vulnerability is due to...
CVE-2019-12667
CVE-2019-12667 affects Cisco IOS XE Software with stored XSS in the web interface’s web framework due to insufficient input validation of parameters. An authenticated user could be targeted by phishing or spoofed requests to inject script, potentially executing code in the browser context or acce...
Atlassian JIRA 7.7.x < 7.13.1 XSS vulnerability (JRASERVER-69238)
According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is prior to 7.13.1. It is therefore, potentially affected by a cross-site scripting XSS vulnerability in the cyclePeriod parameter due to improper validation of user-supplied input data. ...
IBM WebSphere Portal XSS Vulnerability (CVE-2018-1673)
The version of IBM WebSphere Portal installed on the remote Windows host is affected by a cross-site scripting XSS vulnerability due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a user to click a...
Microsoft Exchange Server CVE-2019-1266 Spoofing Vulnerability
Description Microsoft Exchange Server is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Exchan...
WordPress Checklist 1.1.5 Cross Site Scripting
Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Checklist 1.1.5 Checklist is prone to a reflected cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...
WordPress Ellipsis Human Presence Technology 2.0.8 Cross Site Scripting
Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Ellipsis human presence technology 2.0.8 Ellipsis human presence technology is prone to a reflected cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage...
CVE-2019-12644
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability exists...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability exists...
CVE-2019-12644 Cisco Identity Services Engine Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability exists...
Atlassian JIRA 7.x.x < 7.13.1 / 8.0.0 Cross-Site Scripting (XSS) Vulnerability (SB18-141)
According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is potentially affected by a cross-site scripting vulnerability which allows a reflected cross-site scripting XSS attack. This flaw exists because the activity stream gadget does not...
WordPress API Bearer Auth 20181229 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications WordPress API Bearer Auth 20181229 Cross Site Scripting Vulnerability Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Api bearer auth 20181229 Api bearer auth is prone to a reflected cross-site scripting vulnerability...
Cisco Identity Services Engine Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability exists...
WordPress Spryng Payments WooCommerce 1.6.7 Cross Site Scripting
Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Spryng payments woocommerce 1.6.7 Spryng payments woocommerce is prone to a reflected cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to...
WordPress Portrait-Archiv.com Photostore 5.0.4 Cross Site Scripting
Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Portrait-Archiv.com Photostore 5.0.4 Portrait-Archiv.com is prone to a reflected cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execut...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Unified Contact Center Express Unified CCX could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability...
CVE-2019-12626 Cisco Unified Contact Center Express Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Contact Center Express Unified CCX could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability...