6664 matches found
CVE-2022-20839
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...
CVE-2022-20836
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...
CVE-2022-20835
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...
CVE-2022-20834
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...
CVE-2022-20834
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...
CVE-2022-20834
CVE-2022-20834 affects Cisco Firepower Management Center (FMC) web-based management interface. The issue is due to insufficient validation of user-supplied input in the FMC UI, enabling an authenticated, remote attacker to perform a stored XSS attack. Impact ranges from arbitrary script execution...
Cross site scripting
A vulnerability in multiple management dashboard pages of Cisco Umbrella could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the Cisco Umbrella dashboard. This vulnerability is due to unsanitized user input. An attacker could exploit this...
CVE-2022-20969
A vulnerability in multiple management dashboard pages of Cisco Umbrella could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the Cisco Umbrella dashboard. This vulnerability is due to unsanitized user input. An attacker could exploit this...
Cross-Site Scripting (XSS)
Apache Sling - CMS UI is vulnerable to cross-site scripting. The vulnerability exists due to improper neutralization, allowing an attacker to inject and execute malicious HTML and script code through the taxonomy management feature...
Cisco Identity Services Engine Stored XSS (cisco-sa-ise-stor-xss-kpRBWXY)
According to its self-reported version, Cisco Identity Services Engine Stored is affected by a cross-site scripting vulnerability. This could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected...
Cisco Identity Services Engine XSS (cisco-sa-ise-xss-twLnpy3M)
According to its self-reported version, Cisco Identity Services Engine is affected by a cross-site scripting XSS vulnerability due to insufficient input validation in the External RESTful Services ERS API. An attacker could exploit this vulnerability by persuading an authenticated administrator o...
Cross site scripting
A vulnerability in the Aruba InstantOS and ArubaOS 10 web management interface could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim’s browser ...
CVE-2022-37892
A vulnerability in the Aruba InstantOS and ArubaOS 10 web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a...
WordPress Plugin Testimonial Slider and Showcase 2.2.6 - Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin Testimonial Slider and Showcase 2.2.6 - Stored Cross-Site Scripting XSS Date: 05/08/2022 Exploit Author: saitamang , yunaranyancat , syad Vendor Homepage: https://wordpress.org Software Link: https://wordpress.org/plugins/testimonial-slider-and-showcase/ Version:...
CVE-2022-20869
A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. This vulnerability exists because the web-based management...
CVE-2022-20869 Cisco BroadWorks Application Delivery Platform Software Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. This vulnerability exists because the web-based management...
CVE-2022-20869 Cisco BroadWorks Application Delivery Platform Software Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. This vulnerability exists because the web-based management...
WordPress Testimonial Slider And Showcase 2.2.6 Cross Site Scripting Vulnerability
Exploit Title: Stored XSS in posttitle parameter in WordPress Plugin "Testimonial Slider and Showcase" 2.2.6 Exploit Author: saitamang , yunaranyancat , amdsyad Vendor Homepage: wordpress Software Link: https://wordpress.org/plugins/testimonial-slider-and-showcase/ Version: 2.2.6 Tested on: Cento...
Cross site scripting
A vulnerability, which was classified as problematic, was found in SourceCodester Online Admission System. Affected is an unknown function of the file index.php. The manipulation of the argument eid with the input 8alert1 leads to cross site scripting. It is possible to launch the attack remotely...
GHSA-62WH-M4JR-233R Moodle LTI module reflected XSS risk
A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's brows...