WordPress Plugin WP Master Slider Cross-Site Scripting Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress plugin WP Master Slider version v3.5.1, which can be exploited by an...

WordPress Plugin Event Calendar WD Cross-Site Scripting Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin Event Calendar WD, which could allow an attacker to execu...

Unauthorized Access Vulnerability in 360 Security Guard's Blocking of Added Users

360 Security Guard is a security antivirus program. An unauthorized access vulnerability exists when 360 Security Guard blocks adding users. An attacker can exploit the vulnerability to execute scripts to bypass 360 Security Guard blocking and add users...

Security update for libgit2 (moderate)

This update for libgit2 fixes the following issues: - CVE-2018-8099: Fixed possible denial of service attack via different vectors by not being able to differentiate between these status codes bsc1085256. - CVE-2018-11235: With a crafted .gitmodules file, a malicious project can execute an...

SUSE-SU-2018:3440-1 Security update for libgit2

This update for libgit2 fixes the following issues: - CVE-2018-8099: Fixed possible denial of service attack via different vectors by not being able to differentiate between these status codes bsc1085256. - CVE-2018-11235: With a crafted .gitmodules file, a malicious project can execute an...

Mitel ST 14.2 Cross-Site Scripting Vulnerability

Mitel ST is a video conferencing product from Mitel Canada. conferencing is one of the teleconferencing components. A cross-site scripting vulnerability exists in the conferencing component of Mitel ST 14.2 GA29 19.49.9400.0 and prior versions, which stems from the program failing to adequately...

Mitel MiVoice Office 400 web admin component cross-site scripting vulnerability

Mitel MiVoice Office 400 is a small and medium-sized business communications solution from Mitel Canada. The product includes features such as video conferencing, voice calls, etc. web admin is one of the web-based management components. A cross-site scripting vulnerability exists in the web admi...

Symantec Web Isolation Cross-Site Scripting Attack Vulnerability

Symantec Web Isolation is a Web security protection software from Symantec USA. The software is mainly used to prevent malware and phishing attacks, etc. A cross-site scripting vulnerability exists in Symantec Web Isolation version 1.11. A remote attacker can exploit this vulnerability to execute...

Cisco Wireless LAN Controller Software Cross-Site Scripting Vulnerability

Cisco Wireless LAN Controller WLC is a wireless LAN controller product from Cisco USA. The product provides security policy, intrusion detection and other functions in the wireless LAN. A cross-site scripting vulnerability exists in Cisco Wireless LAN Controller Software due to a web-based...

PTC ThingWorx Platform Cross-Site Scripting Vulnerability

The PTC ThingWorx Platform is a suite of platforms for developing and deploying industrial IoT applications and augmented reality AR. A cross-site scripting vulnerability exists in SQUEAL in PTC ThingWorx Platform versions 6.5 through 8.2. A remote attacker could exploit the vulnerability to...

Wordpress plugin Wordfence 503.php page cross-site scripting vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the Wordpress plugin Wordfence 503.php page, which can be exploited by an...

Cross-Site Scripting Vulnerability in Multiple Cisco Products

Cisco Webex Events Center, etc. are video conferencing solutions from Cisco USA. A cross-site scripting vulnerability exists in the web-based management interface of several Cisco products, which can be exploited by remote attackers to execute arbitrary script code in the context of the affected...

CVE-2018-15400

A vulnerability in the web-based management interface of Cisco Cloud Services Platform 2100 could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

CVE-2018-0452

A vulnerability in the web-based management interface of Cisco Tetration Analytics could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient...

External Tasks Not Working in WEM

Configured Filters are not processed and scripts added to external tasks are not running...

Multiple Apple products WebKit cross-site scripting vulnerability (CNVD-2018-21002)

Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser shipped with the Mac OS X and iOS operating systems. iTunes for Windows is a media player and application for the Windows platform. WebKit is one of the web browser engine components...

Wordpress plugin FV Flowplayer cross-site scripting vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the Wordpress plugin FV Flowplayer, which can be exploited by an attacker to...

Microsoft Windows: Script Execution

This policy setting lets you configure the script execution policy, controlling which scripts are allowed to run. If you enable this policy setting, the scripts selected in the drop-down list are allowed to run. The Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpte...

Microsoft Windows: Turn on Script Execution

This policy setting lets you configure the script execution policy, controlling which scripts are allowed to run. If you enable this policy setting, the scripts selected in the drop-down list are allowed to run. The SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpt...

SAP NetWeaver WebDynpro Java Cross-Site Scripting Vulnerability

SAP Enterprise Financial Services is a set of enterprise financial services solutions from SAP. A cross-site scripting vulnerability exists in SAP NetWeaver, which arises from a failure to properly sanitize user-supplied input and can be exploited by a remote attacker to execute arbitrary script...