6665 matches found
Cross site scripting
A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attacker to...
CVE-2020-3282 Cisco Unified Communications Products Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attacker to...
CVE-2020-3282 Cisco Unified Communications Products Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attacker to...
Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of...
Cisco Data Center Network Manager Multiple Stored Cross-Site Scripting Vulnerablities (June 2020)
A stored cross-site scripting XSS vulnerabilities exists in web-based management interface of Cisco Data Center Network Manager DCNM due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker, administrative credentials can exploit this, by...
CVE-2020-3354
A vulnerability in the web-based management interface of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting XSS attack against a user of the interface. The vulnerability is due to insufficient inpu...
WordPress < 5.4.2
According to its self-reported version number, the installation of WordPress installed on the remote host is affected by multiple vulnerabilities: - Multiple cross-site scripting XSS vulnerabilities exist in Wordpress due to improper validation of user-supplied input before returning it to users...
Cross site scripting
A vulnerability in the web-based Local Manager interface of the Cisco IOx Application Framework could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based Local Manager interface of an affected device. The attacker must have...
CVE-2020-3233 Cisco IOx Application Framework Local Manager Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based Local Manager interface of the Cisco IOx Application Framework could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based Local Manager interface of an affected device. The attacker must have...
CVE-2020-3233
CVE-2020-3233 describes a stored cross-site scripting (XSS) vulnerability in Cisco IOx Application Framework’s web-based Local Manager interface. An authenticated user with Local Manager credentials can inject malicious code via the System Settings tab due to insufficient input validation, leadin...
CVE-2020-3233 Cisco IOx Application Framework Local Manager Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based Local Manager interface of the Cisco IOx Application Framework could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based Local Manager interface of an affected device. The attacker must have...
Security Updates for Microsoft Dynamics NAV (Dec 2018)
The Microsoft Dynamics NAV install is missing a security update. It is, therefore, affected by a cross-site scripting XSS vulnerability due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can exploit this, by sending a specially crafte...
CVE-2020-3313 Cisco Firepower Management Center Cross-Site Scripting Vulnerability
A vulnerability in the web UI of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the FMC Software. The vulnerability is due to insufficient validatio...
KeeWeb v1.14.0 - (Notes) Html Inject Web Vulnerability
Document Title: =============== KeeWeb v1.14.0 - Notes Html Inject Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2237 Release Date: ============= 2020-05-05 Vulnerability Laboratory ID VL-ID: ==================================== 2237...
Input validation
Stored XSS in Tenable.Sc before 5.14.0 could allow an authenticated remote attacker to craft a request to execute arbitrary script code in a user's browser session. Updated input validation techniques have been implemented to correct this issue...
CVE-2020-5737
Stored XSS in Tenable.Sc before 5.14.0 could allow an authenticated remote attacker to craft a request to execute arbitrary script code in a user's browser session. Updated input validation techniques have been implemented to correct this issue...
CVE-2019-16010 Cisco SD-WAN Solution vManage Stored Cross-Site Scripting Vulnerability
A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the vManage software. The vulnerability is due to insufficient validation of...
CVE-2019-16010 Cisco SD-WAN Solution vManage Stored Cross-Site Scripting Vulnerability
A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the vManage software. The vulnerability is due to insufficient validation of...
Cisco Prime Collaboration Provisioning Cross-Site Scripting Vulnerability (cisco-sa-prime-collab-xss-RjRCe9n7)
According to its self-reported version, Cisco Prime Collaboration Provisioning is affected by a cross-site scripting vulnerability in the web-based management interface due to insufficient validation of user-supplied input. An unauthenticated, remote attacker could exploit this by persuading a us...
Cisco SD-WAN Solution vManage Stored Cross-Site Scripting Vulnerability
A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the vManage software. The vulnerability is due to insufficient validation of...