Cisco Security Manager Cross-Site Scripting Vulnerability (CNVD-2022-06381)

Cisco Security Manager CSM is a set of enterprise-class management applications from Cisco, which are used to configure firewall, VPN, and intrusion protection security services on Cisco networks and security devices. cross-site scripting vulnerability exists in Cisco Security Manager, which can ...

uDoctorAppointment v2.1.1 - Multiple XSS Vulnerabilities

Document Title: =============== uDoctorAppointment v2.1.1 - Multiple XSS Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2288 Release Date: ============= 2021-12-15 Vulnerability Laboratory ID VL-ID: ====================================...

Nextcloud Talk Cross-Site Scripting Vulnerability (CNVD-2022-18416)

Nextcloud Talk, a self-hosted local audio/video and chat communication service from Germany-based Nextcloud, is vulnerable to a cross-site scripting vulnerability that could be exploited by remote attackers to inject and execute arbitrary HTML and script code in the user's browser within the...

Liferay Portal 7.3.2 < 7.3.6 XSS

Liferay Portal 7.3.2 prior to 7.3.6 is affected by a cross-site scripting XSS vulnerability in its redirect module component due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a user to click a...

Open-xchange OX App Suite Cross-Site Scripting Vulnerability (CNVD-2021-90764)

Open-xchange OX App Suite is a Web cloud desktop environment from Open-Xchange Open-xchange, a US-based company. The environment allows users to more intuitively manage email, tasks, files, etc. A cross-site scripting vulnerability exists in Open-xchange OX App Suite, which can be exploited by...

Open-xchange OX App Suite Cross-Site Scripting Vulnerability (CNVD-2021-90761)

Open-xchange OX App Suite is a Web cloud desktop environment from Open-Xchange Open-xchange, a US-based company. The environment allows users to more intuitively manage email, tasks, files, etc. A cross-site scripting vulnerability exists in Open-xchange OX App Suite, which can be exploited by...

Open-xchange OX App Suite Cross-Site Scripting Vulnerability (CNVD-2021-90759)

Open-xchange OX App Suite is a web-based cloud desktop environment from Open-Xchange Open-xchange, a US-based company. The environment allows users to more intuitively manage email, tasks, files, etc. A cross-site scripting vulnerability exists in Open-xchange OX App Suite, which can be exploited...

Cisco Adaptive Security Appliance XSS (cisco-sa-asaftd-xss-webui-gQLSFyPM)

According to its self-reported version, Cisco ASA Software is affected by a cross-site scripting XSS vulnerability in its web services interface due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a us...

OX App Suite 7.10.5 Cross Site Scripting / Information Disclosure Vulnerability

OX App Suite versions 7.10.5 and below suffer from cross site scripting and information disclosure vulnerabilities. Product: OX App Suite Vendor: OX Software GmbH Internal reference: OXUIB-872 Vulnerability type: Cross-Site Scripting CWE-80 Vulnerable version: 7.10.5 and earlier Vulnerable...

CVE-2021-24834

The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cross-Site Scripting vulnerability which exists in the Create Poll - Options module where a user with a role as low as author is allowed to execute arbitrary script code within the context of the application. This vulnerability is...

Cross site scripting

The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cross-Site Scripting vulnerability, which exists in the Admin preview module where a user with a role as low as author is allowed to execute arbitrary script code within the context of the application. This vulnerability is due to...

Cross site scripting

The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cross-Site Scripting vulnerability which exists in the Create Poll - Options module where a user with a role as low as author is allowed to execute arbitrary script code within the context of the application. This vulnerability is...

Cisco Prime Infrastructure Stored XSS (cisco-sa-pi-epnm-xss-U2JK537j)

The version of Cisco Prime Infrastructure installed on the remote host is prior to 3.10. It is, therefore, affected by a stored cross-site scripting XSS vulnerability in its web-based management interface due to improper validation of user-supplied input before returning it to users. An...

CVE-2021-40115

A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker...

CVE-2021-34784

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an...

CVE-2021-34784 Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an...

CVE-2021-34784 Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an...

CVE-2021-40115 Cisco Webex Video Mesh Cross-Site Scripting Vulnerability

A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker...

CVE-2021-40115 Cisco Webex Video Mesh Cross-Site Scripting Vulnerability

A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker...