Cross site scripting

A vulnerability in the NX API NX-API Sandbox interface for Cisco NX-OS Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the NX-API Sandbox interface of an affected device. The vulnerability is due to insufficient validation of...

Microsoft Internet Explorer CVE-2019-0921 Spoofing Vulnerability

Description Microsoft Internet Explorer is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft...

Microsoft SharePoint Server CVE-2019-0949 Spoofing Vulnerability

Description Microsoft SharePoint Server is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft...

Microsoft Azure DevOps Server and Team Foundation Server Cross Site Scripting Vulnerability

Description Microsoft Azure DevOps Server and Team Foundation Server are prone to an cross-site scripting vulnerability because they fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

Siemens SCALANCE X Switches XSS

Binary data 720143.prm...

Joomla! prior to 3.9.6 Cross-Site Scripting (XSS) Vulnerability

According to its self-reported version number, the Joomla! installation running on the remote web server is prior to 3.9.6. In versions prior to 3.9.6, a cross-site scripting XSS vulnerability exists due to improper validation of user-supplied input before returning it to users. An unauthenticate...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance PCA could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to the...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface. The vulnerability is due to insufficient validation of user-supplied input...

CVE-2019-1852 Cisco Prime Network Registrar Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface. The vulnerability is due to insufficient validation of user-supplied input...

CVE-2019-1852 Cisco Prime Network Registrar Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface. The vulnerability is due to insufficient validation of user-supplied input...

Cisco Application Policy Infrastructure Controller Web-Based Management Interface Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability...

Cisco Prime Network Registrar Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface. The vulnerability is due to insufficient validation of user-supplied input...

CVE-2019-1802

A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected system. The vulnerability is due to...

CVE-2019-1777

A vulnerability in the web-based interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against another user of the service. The vulnerability is due to insufficient validation of user-supplied input by the...

CVE-2019-1719

A vulnerability in the web-based guest portal of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied...

Cross site scripting

A vulnerability in the URL block page of Cisco Umbrella could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user in a network protected by Umbrella. The vulnerability is due to insufficient validation of input parameters passed to that page. An...

Cross site scripting

A vulnerability in the web-based guest portal of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied...

CVE-2019-1802 Cisco Firepower Management Center Persistent Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected system. The vulnerability is due to...

CVE-2019-1719 Cisco Identity Services Engine Cross-Site Scripting Vulnerability

A vulnerability in the web-based guest portal of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied...

CVE-2019-1719 Cisco Identity Services Engine Cross-Site Scripting Vulnerability

A vulnerability in the web-based guest portal of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied...