CVE-2020-3515 Cisco Firepower Management Center Software Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation o...

CVE-2020-3515 Cisco Firepower Management Center Software Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation o...

CVE-2020-3553 Cisco Firepower Management Center Software Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation o...

Cisco Firepower Management Center Software Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation o...

Cisco Emergency Responder Open Redirect XSS (cisco-sa-20200108-er-xss)

According to its self-reported version, the Cisco Emergency Responder CER is affected by a cross-site scripting vulnerability in the web-based management interface due to insufficient validation of user-supplied input. An authenticated, remote attacker could exploit this by persuading a user of t...

ZeroShell < 3.9.3 RCE Vulnerability - Active Check

ZeroShell is prone to a remote code execution RCE vulnerability because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Cisco Identity Services Engine XSS (cisco-sa-ise-xxs-mf5cbYx5)

A cross-site scripting XSS vulnerability exists in Cisco Identity Services Engine web-based management interface due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can exploit this, by convincing a user to click a specially crafted UR...

Cross site scripting

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. The vulnerability exists because the web-based management interface does not properly...

CVE-2020-3536 Cisco SD-WAN vManage Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. The vulnerability exists because the web-based management interface does not properly...

CVE-2020-3320 Cisco Firepower Management Center Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficien...

Cisco Firepower Management Center Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficien...

Kentico CMS < 12.0.50 XSS

According to its self-reported version number, the version of Kentico CMS on the remote host is prior to 12.0.50. It is, therefore, affected by a cross-site scripting XSS vulnerability due to the Content-Type header being inconsistent with the file extension. An unauthenticated, remote attacker c...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability exists because the...

Cross site scripting

A vulnerability in the web framework of Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of some parameters that are passed...

CVE-2019-16025 Cisco Emergency Responder Stored Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of some parameters that are passed...

CVE-2020-3137 Cisco Email Security Appliance Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability exists because the...

Cisco Data Center Network Manager Stored Cross-Site Scripting (cisco-sa-20200219-dcnm-xss)

According to its self-reported version, Cisco Data Center Network Manager is prior to version 11.31 and is, therefore, affected by a cross-site scripting vulnerability in the web-based management interface due to insufficient validation of user-supplied input. An attacker could exploit this...

Cisco Data Center Network Manager XSS (cisco-sa-dcnm-xss-JnHSWG5C)

According to its self-reported version, Cisco Data Center Network Manager is affected by a vulnerability in the web-based management interface due to a failure to properly validate user-supplied input. An authenticated, remote attacker can exploit this, by persuading a user of the interface to...

CVE-2020-3523

A vulnerability in the web-based management interface of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. The vulnerability exists because the web-based management interface...

CVE-2020-3518

A vulnerability in the web-based management interface of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of the affected software. The vulnerability exists because the...