OWASP AntiSamy CVE-2017-14735 Cross Site Scripting Vulnerability

Description OWASP AntiSamy is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the...

Cross site scripting

A vulnerability in the web framework code of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation...

CVE-2017-12248

A vulnerability in the web framework code of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation...

WordPress < 4.8.2 Multiple Vulnerabilities

According to its self-reported version number, the WordPress application running on the remote web server is prior to 4.8.2. It is, therefore, affected by multiple vulnerabilities : - A flaw in $wpdb-prepare can create unsafe queries leading to potential SQL injection flaws with plugins and theme...

Cisco Firepower Management Center Multiple XSS

The version of Cisco Firepower Management Center installed on the remote host is equal or prior to 6.0.1.3. It is, therefore, affected by multiple cross-site scripting vulnerabilities: - A reflected cross-site scripting vulnerability in the web-based management interface due to improper validatio...

Microsoft Edge CVE-2017-8735 Spoofing Vulnerability

Description Microsoft Edge is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Edge...

Microsoft Internet Explorer CVE-2017-8733 Spoofing Vulnerability

Description Microsoft Internet Explorer is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Internet Explorer 9, 10 and 11 are...

Microsoft Edge CVE-2017-8724 Spoofing Vulnerability

Description Microsoft Edge is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Edge...

Microsoft SharePoint CVE-2017-8745 Cross Site Scripting Vulnerability

Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

CVE-2017-12220

A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

vBulletin Forum 'forum/help' Page XSS Vulnerability

vBulletin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Cross site scripting

A vulnerability in the web framework of Cisco Elastic Services Controller ESC could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface. The vulnerability is due to insufficient validation of user-supplied input by the affecte...

Cisco Adaptive Security Appliance WebVPN Cross-Site Scripting Vulnerability (CSCve19179)

According to its self-reported version and configuration, the Cisco Adaptive Security Appliance ASA software running on the remote device is affected by a vulnerability in the web-based management interface of Cisco Adaptive Security Appliance ASA that could allow an authenticated, remote attacke...

Quali CloudShell 7.1.0.6508 (Patch 6) - Persistent Cross-Site Scripting

Vulnerability type: Multiple Stored Cross Site Scripting Vendor: Quali Product: CloudShell Affected version: v7.1.0.6508 Patch 6 Patched version: v8 and up Credit: Benjamin Lee CVE ID: CVE-2017-9767 ========================================================== Overview Quali CloudShell v7.1.0.6508...

Microsoft Internet Explorer CVE-2017-8625 Security Bypass Vulnerability

Description Microsoft Internet Explorer is prone to a security-bypass vulnerability. Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. This may lead to other attacks. Internet Explorer 11 is vulnerable. Technologies...

CVE-2017-6761

A vulnerability in the web-based management interface of Cisco Finesse 10.61 and 11.51 could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance ASA 9.16.11 and 9.41.2 could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device, aka WebVPN XSS...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Finesse 10.61 and 11.51 could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance ASA 9.51 could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...