CVE-2018-15457 Cisco Prime Infrastructure Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient...

CVE-2018-0482 Cisco Prime Network Control System Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Network Control System could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web interface of the affected system. The vulnerability is due to insufficient...

Cisco Prime Infrastructure Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient...

Cisco Prime Network Control System Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Network Control System could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web interface of the affected system. The vulnerability is due to insufficient...

Microsoft Office SharePoint CVE-2019-0557 Cross Site Scripting Vulnerability

Description Microsoft Office SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...

Microsoft Dynamics NAV CVE-2018-8651 Cross Site Scripting Vulnerability

Description Microsoft Dynamics NAV is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

Microsoft Dynamics 365 CVE-2018-8606 Cross Site Scripting Vulnerability

Description Microsoft Dynamics 365 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

CVE-2018-15451

A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplie...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplie...

CVE-2018-15451 Cisco Prime Service Catalog Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplie...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Content Security Management Appliance SMA Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to...

CVE-2018-15393 Cisco Content Security Management Appliance (SMA) Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Content Security Management Appliance SMA Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to...

CVE-2018-15393 Cisco Content Security Management Appliance (SMA) Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Content Security Management Appliance SMA Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to...

Cisco Content Security Management Appliance Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Content Security Management Appliance SMA Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to...

Cisco Prime Service Catalog Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplie...

Joomla! 2.5.x < 3.7.4 Multiple Vulnerabilities

According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - A security bypass vulnerability exists in the installer application due to a failure to properly check for ownership of a webspace. An unauthenticated, remote attacker can...

WordPress 3.8.x < 3.8.19 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A cross-site scripting XSS vulnerability exists in the wpplaylistshortcode function within the /wp-includes/media.php script due to a failure to validate input passed via...

WordPress 4.7.x < 4.7.3 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A cross-site scripting XSS vulnerability exists in the wpplaylistshortcode function within the /wp-includes/media.php script due to a failure to validate input passed via...

Cross site scripting

JBoss BPM Suite 6 is vulnerable to a reflected XSS via dashbuilder. Remote attackers can entice authenticated users that have privileges to access dashbuilder usually admins to click on links to /dashbuilder/Controller containing malicious scripts. Successful exploitation would allow execution of...

Rockwell Automation Allen-Bradley CompactLogix Cross-Site Scripting (CVE-2016-2279)

A cross site scripting vulnerability has been reported in Rockwell Scada System. The vulnerability is due to lack of sanitization of user supplied input data. A remote attacker can exploit this vulnerability to execute arbitrary HTML and script code in a browser session in the context of the...