6664 matches found
Cisco Common Services Platform Collector Cross-Site Scripting Vulnerability (CNVD-2022-64194)
Cisco Common Services Platform Collector CSPC is a common services platform data collector from Cisco USA. The product analyzes network performance and identifies risks and vulnerabilities by polling basic inventory and configuration data from Cisco devices.Cisco Common Services Platform Collecto...
Cisco Common Services Platform Collector Cross-Site Scripting Vulnerability (CNVD-2022-64193)
Cisco Common Services Platform Collector CSPC is a common services platform data collector from Cisco USA. The product analyzes network performance and identifies risks and vulnerabilities by polling basic inventory and configuration data from Cisco devices.Cisco Common Services Platform Collecto...
Cisco Common Services Platform Collector Cross-Site Scripting Vulnerability (CNVD-2022-64197)
Cisco Common Services Platform Collector CSPC is a common services platform data collector from Cisco USA. The product analyzes network performance and identifies risks and vulnerabilities by polling basic inventory and configuration data from Cisco devices.Cisco Common Services Platform Collecto...
Cisco Common Services Platform Collector跨站脚本漏洞(CNVD-2022-50665)
Cisco Common Services Platform Collector CSPC is a common services platform data collector from Cisco USA. The product analyzes network performance and identifies risks and vulnerabilities by polling basic inventory and configuration data from Cisco devices.Cisco Common Services Platform Collecto...
Cisco Common Services Platform Collector跨站脚本漏洞(CNVD-2022-50666)
Cisco Common Services Platform Collector is a common services platform data collector from Cisco USA. The product analyzes network performance and identifies risks and vulnerabilities by polling basic inventory and configuration data from Cisco devices.Cisco Common Services Platform Collector is...
Cisco Common Services Platform Collector Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector CSPC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient...
Cybozu Garoon Cross-Site Scripting Vulnerability (CNVD-2022-54343)
Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. A cross-site scripting vulnerability exists in Cybozu Garoon, which stems from insufficient cleaning of...
GHSA-8JXQ-GPMR-H4G4 imdbphp Cross-Site Scripting (XSS)
A Cross-Site Scripting XSS was discovered in imdbphp 5.1.1. The vulnerability exists due to insufficient filtration of user-supplied data name passed to the "imdbphp-master/demo/search.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable...
Magmi XSS Vulnerability
A Cross-Site Scripting XSS was discovered in Magmi 0.7.22. The vulnerability exists due to insufficient filtration of user-supplied data prefix passed to the magmi-git-master/magmi/web/ajaxgettime.php URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the...
GHSA-3FM8-7GPF-P8FM SocialNetwork Cross-Site Scripting (XSS) vulnerability
A Cross-Site Scripting XSS was discovered in 'SocialNetwork v1.2.1'. The vulnerability exists due to insufficient filtration of user-supplied data mail passed to the 'SocialNetwork-andrea/app/template/pwforgot.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the...
TeamPass Cross-Site Scripting (XSS)
Cross-Site Scripting XSS was discovered in TeamPass before 2.1.27.9. The vulnerability exists due to insufficient filtration of data in /sources/folders.queries.php. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website...
Strapi Cross-Site Scripting Vulnerability (CNVD-2022-47471)
Strapi is an open source content management system CMS. Strapi suffers from a cross-site scripting vulnerability that stems from insufficient filtering of user-supplied data in the file upload function, which can be exploited by remote attackers to inject and execute arbitrary HTML and script cod...
Shopware XSS Vulnerability
Shopware v5.2.5 - v5.3 is vulnerable to cross site scripting in the customer and order section of the content management system backend modules. Remote attackers are able to inject malicious script code into the firstname, lastname, or order input fields to provoke persistent execution in the...
GHSA-9V3W-M552-M6FF Pi Cross-site Scripting vulnerability
A Cross-Site Scripting XSS was discovered in pi-engine/pi 2.5.0. The vulnerability exists due to insufficient filtration of user-supplied data preview passed to the pi-develop/www/script/editor/markitup/preview/markdown.php URL. An attacker could execute arbitrary HTML and script code in a browse...
Pi Cross-site Scripting vulnerability
A Cross-Site Scripting XSS was discovered in pi-engine/pi 2.5.0. The vulnerability exists due to insufficient filtration of user-supplied data preview passed to the pi-develop/www/script/editor/markitup/preview/markdown.php URL. An attacker could execute arbitrary HTML and script code in a browse...
Adobe ColdFusion 2018.x < 2018 Update 14 / 2021.x < 2021 Update 4 XSS (APSB22-22)
The version of Adobe ColdFusion installed on the remote Windows host is prior to 2018.x update 14 or 2021.x update 4. It is, therefore, affected by a cross-site scripting XSS vulnerability due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote...
Cross site scripting
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation of...
Cross site scripting
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation of...
CVE-2022-20627 Cisco Firepower Management Center Software Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation of...
CVE-2022-20629 Cisco Firepower Management Center Software Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation of...