VMware vCenter Server Cross-Site Scripting Vulnerability (CNVD-2021-74276)

Vmware VMware vCenter Server is a suite of server and virtualization management software from Vmware, Inc. The software provides a centralized platform for managing VMware vSphere environments, automating the implementation and delivery of virtual infrastructure. vCenter Server is vulnerable to a...

Vmware VMware vCenter Server 跨站脚本漏洞

Vmware VMware vCenter Server is a suite of server and virtualization management software from Vmware, Inc. The software provides a centralized platform for managing VMware vSphere environments, automating the implementation and delivery of virtual infrastructure. vCenter Server is vulnerable to a...

ROS-2-1276

2.1276 Multiple vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

Cisco Prime Collaboration Provisioning XSS (cisco-sa-prime-collab-xss-fQMDE5GO)

According to its self-reported version, Cisco Prime Collaboration Provisioning is affected by a cross-site scripting XSS vulnerability in its web-based management interface due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can...

CVE-2021-34732

A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input...

CVE-2021-34759 Cisco Identity Services Engine Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE Software could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the...

CVE-2021-34732 Cisco Prime Collaboration Provisioning Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input...

Cisco Application Policy Infrastructure Controller Stored XSS (cisco-sa-capic-scss-bFT75YrM)

According to its self-reported version, Cisco Application Policy Infrastructure Controller is affected by a stored cross-site scripting XSS vulnerability in its Web UI component due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can...

Cross site scripting

A stored cross-site scripting vulnerability has been discovered in : Simply Gallery Blocks with Lightbox Version – 2.2.0 & below. The vulnerability exists in the Lightbox functionality where a user with low privileges is allowed to execute arbitrary script code within the context of the...

Cisco Application Policy Infrastructure Controller Cross-Site Scripting Vulnerability (CNVD-2021-68730)

Cisco Application Policy Infrastructure Controller APIC is an automated infrastructure deployment and governance solution from Cisco USA. Controller's web UI contains a stored cross-site scripting vulnerability, which can be exploited by an attacker to execute arbitrary script code or access...

Fortinet FortiSandbox Cross-Site Scripting Vulnerability

Fortinet FortiSandbox is an APT Advanced Persistent Threat protection appliance from Fortinet, Inc. The appliance provides dual sandboxing technology, a dynamic threat intelligence system, a real-time control panel and reporting, etc. The Fortinet FortiSandbox contains a cross-site scripting...

U.S. Dept Of Defense: XSS due to CVE-2020-3580 [██████]

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the web services interface of an...

Cisco Identity Services Engine Stored XSS (cisco-sa-ise-stored-xss-TWwjVPdL)

According to its self-reported version, Cisco Identity Services Engine is affected by multiple stored cross-site scripting XSS vulnerabilities due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a user...

Cisco Virtualized Voice Browser Cross-Site Scripting Vulnerability

Cisco Virtualized Voice Browser is an application from Cisco, Inc. A virtualized voice browser. Cisco Virtualized Voice Browser suffers from a cross-site scripting vulnerability that originates from the web's administrative interface not properly validating user-supplied input. An attacker could...

CVE-2021-1607

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user. These vulnerabilities exist because the web-based management interface does not...

CVE-2021-1575

A vulnerability in the web-based management interface of Cisco Virtualized Voice Browser could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Virtualized Voice Browser could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not...

Cross site scripting

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user. These vulnerabilities exist because the web-based management interface does not...

Cross site scripting

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user. These vulnerabilities exist because the web-based management interface does not...