Cisco Unified Intelligence Center Cross-Site Scripting Vulnerability (CNVD-2021-26116)

Cisco Unified Intelligence Center is the United States Cisco Cisco company's set of Web-based reporting platform. The platform provides reports related to business data and call center data presentation capabilities. A security vulnerability exists in Cisco?Unified Intelligence Center Software,...

Moodle Atto Editor Cross Site Scripting

Exploit Title: Moodle Atto Editor Cross Site Scripting Date: 26.03.2021 Author: Vincent666 ibn Winnie Software Link: https://moodle.org/plugins/editoratto Tested on: Windows 10 Web Browser: Mozilla Firefox Google Dorks: inurl:/lib/editor/atto/plugins/managefiles/ or calendar/view.php?view=month M...

Cross site scripting

A vulnerability in the web-based management interface of Cisco IOS XE Wireless Controller software for the Catalyst 9000 Family of switches could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against another user of the web-based management interface of an...

CVE-2021-1374 Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco IOS XE Wireless Controller software for the Catalyst 9000 Family of switches could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against another user of the web-based management interface of an...

Cisco SD-WAN Solution vManage Stored XSS (cisco-sa-20200318-vmanage-xss)

The version of Cisco SD-WAN Solution vManage installed on the remote host is affected by a vulnerability as referenced in the cisco-sa-20200318-vmanage-xss advisory. - A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a...

Cross site scripting

A remote authenticated stored cross-site scripting xss vulnerability was discovered in Aruba AirWave Management Platform versions: Prior to 8.2.12.0. A vulnerability in the web-based management interface of AirWave could allow an authenticated remote attacker to conduct a stored cross-site...

CVE-2021-26678

A remote unauthenticated stored cross-site scripting XSS vulnerability was discovered in Aruba ClearPass Policy Manager versions: Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the web-based management interface of ClearPass could allow an unauthenticated remote attacker to conduct a...

Cross site scripting

A remote reflected cross-site scripting XSS vulnerability was discovered in Aruba ClearPass Policy Manager versions: Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the guest portal interface of ClearPass could allow a remote attacker to conduct a reflected cross-site scripting XSS atta...

CVE-2021-26678

A remote unauthenticated stored cross-site scripting XSS vulnerability was discovered in Aruba ClearPass Policy Manager versions: Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the web-based management interface of ClearPass could allow an unauthenticated remote attacker to conduct a...

Cross site scripting

A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface of the affected service. The vulnerability is due to insufficient validation of user-supplied...

CVE-2021-1351 Cisco Webex Meetings Cross-Site Scripting Vulnerability

A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface of the affected service. The vulnerability is due to insufficient validation of user-supplied...

CVE-2021-1351 Cisco Webex Meetings Cross-Site Scripting Vulnerability

A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface of the affected service. The vulnerability is due to insufficient validation of user-supplied...

Webmin 1.890 XSS

A cross-site scripting XSS vulnerability exists in Webmin 1.890 due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a user to click a specially crafted URL, to execute arbitrary script code in a user's...

CVE-2020-28487

This affects the package vis-timeline before 7.4.4. An attacker with the ability to control the items of a Timeline element can inject additional script code into the generated application...

CVE-2020-28487 Cross-site Scripting (XSS)

This affects the package vis-timeline before 7.4.4. An attacker with the ability to control the items of a Timeline element can inject additional script code into the generated application...

CVE-2021-1239

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected system. The vulnerabilities exist because the...

CVE-2021-1151

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. The vulnerabilities are due to insufficient...

CVE-2021-1127

A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to improper input...

CVE-2021-1127 Cisco Enterprise NFV Infrastructure Software Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to improper input...

CVE-2021-1127 Cisco Enterprise NFV Infrastructure Software Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to improper input...