6665 matches found
Cisco Enterprise Chat and Email Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Enterprise Chat and Email could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected software. The vulnerabilities are due...
Joomla! prior to 3.9.3 Cross-Site Scripting (XSS) Vulnerability
According to its self-reported version number, the Joomla! installation running on the remote web server is prior to 3.9.3. In versions prior to 3.9.3, a cross-site scripting XSS vulnerability exists due to improper validation of user-supplied input before returning it to users. An unauthenticate...
Cross site scripting
A vulnerability in the Security Assertion Markup Language SAML single sign-on SSO interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. The vulnerability is due to...
CVE-2019-1685 Cisco Unity Connection Reflected Cross-Site Scripting Vulnerability
A vulnerability in the Security Assertion Markup Language SAML single sign-on SSO interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. The vulnerability is due to...
Cross site scripting
A vulnerability in the web-based management interface of Cisco HyperFlex software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient...
CVE-2019-1665
A vulnerability in the web-based management interface of Cisco HyperFlex software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient...
CVE-2019-1665 Cisco Hyperflex Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco HyperFlex software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient...
Cisco Unity Connection Reflected Cross-Site Scripting Vulnerability
A vulnerability in the Security Assertion Markup Language SAML single sign-on SSO interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. The vulnerability is due to...
Cisco Hyperflex Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco HyperFlex software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient...
Cisco Prime Infrastructure Cross-Site Scripting Vulnerability (cisco-sa-20190123-cpi-xss)
The Cisco Prime Infrastructure application running on the remote host is affected by a cross-site scripting XSS vulnerability due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a user to click a...
Cross site scripting
Nessus versions 8.2.1 and earlier were found to contain a stored XSS vulnerability due to improper validation of user-supplied input. An authenticated, remote attacker could potentially exploit this vulnerability via a specially crafted request to execute arbitrary script code in a user's browser...
CVE-2019-3923
Nessus versions 8.2.1 and earlier were found to contain a stored XSS vulnerability due to improper validation of user-supplied input. An authenticated, remote attacker could potentially exploit this vulnerability via a specially crafted request to execute arbitrary script code in a user's browser...
Microsoft Team Foundation Server CVE-2019-0742 Cross Site Scripting Vulnerability
Description Microsoft Team Foundation Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to insert and display spoofed content and to execute arbitrary script code in the browser of an unsuspecting...
Microsoft SharePoint Server CVE-2019-0670 Spoofing Vulnerability
Description Microsoft SharePoint Server is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft...
Debian DLA-1669-1 : libreoffice security update
Alex Infuehr discovered a directory traversal vulnerability which could result in the execution of Python script code when opening a malformed document. For Debian 8 'Jessie', this problem has been fixed in version 1:4.3.3-2+deb8u12. We recommend that you upgrade your libreoffice packages. NOTE:...
[SECURITY] [DLA 1669-1] libreoffice security update
Package : libreoffice Version : 1:4.3.3-2+deb8u12 CVE ID : CVE-2018-16858 Alex Infuehr discovered a directory traversal vulnerability which could result in the execution of Python script code when opening a malformed document. For Debian 8 "Jessie", this problem has been fixed in version...
CVE-2019-1661
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite TMS software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is d...
CVE-2019-1671
A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected system. The vulnerability is due to...
CVE-2019-1671 Cisco Firepower Management Center Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected system. The vulnerability is due to...
CVE-2019-1661 Cisco TelePresence Management Suite Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite TMS software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is d...