Multiple Cross-Site Scripting Vulnerabilities in Cisco Prime Infrastructure

Cisco Prime Infrastructure is an all-in-one package that provides complete infrastructure wired and wireless and mobile lifecycle management provisioning, monitoring, troubleshooting, fixing, and reporting. Multiple cross-site scripting vulnerabilities exist in Cisco Prime Infrastructure, as the...

Plain Black WebGUI 'style-underground/search' cross-site scripting vulnerability

WebGUI is a CMS Content Management System software that is mainly used to facilitate the publishing and maintenance of website content. A cross-site scripting vulnerability exists in Plain Black WebGUI 'style-underground/search'. This allows remote attackers to execute arbitrary web script or HTM...

SnipSnap 'query' parameter cross-site scripting vulnerability

SnipSnap is a free java written and easy to install webBlog and wiki tools. A cross-site scripting vulnerability exists in the SnipSnap 'query' parameter due to the program failing to properly process user-supplied input. This allows an attacker to steal cookie-based authentication credentials an...

Fortinet FortiOS HTML Injection Vulnerability

Fortinet FortiOS is a set of security operating system developed by the U.S. company Fita Fortinet dedicated to the FortiGate platform, which provides users with firewall, antivirus, IPSec/SSL VPN, Web content filtering, anti-spam and other security features. An HTML injection vulnerability exist...

MantisBT < 1.2.19, 1.3.x < 1.3.0-beta.2 Multiple Vulnerabilities

MantisBT is prone to multiple vulnerabilities. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Cisco Meraki Systems Manager HTML Injection Vulnerability

Cisco Meraki Systems Manager is a cloud-based management solution. An HTML injection vulnerability exists in Cisco Meraki Systems Manager, which could be exploited by an attacker to obtain cookie-based authentication credentials and execute arbitrary script or HTML code in the context of an...

Fortinet FortiAuthenticator Appliance Cross-Site Scripting Vulnerability Vulnerability

Fortinet FortiAuthenticator is a family of secure authentication software from Fortinet that can be combined with FortiToken two-factor authentication token to provide secure two-factor authentication to third-party devices authenticated via RADIUS or LDAP. The Fortinet FortiAuthenticator Applian...

Fumy News Clipper vulnerable to cross-site scripting

Overview Fumy News Clipper provided by Nishishi Factory contains a cross-site scripting vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may be executed on the...

WordPress Plugin Photo Gallery Has Multiple Cross-Site Scripting Vulnerabilities

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. WordPress plugin Photo Gallery has multiple cross-site scripting vulnerabilities due to the program failing to properly filte...

WordPress Plugin Blubrry PowerPress Podcast 'admin.php' Cross-Site Scripting Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin Blubrry PowerPress Podcast 'admin.php' due to the program...

Multiple Cross-Site Scripting Vulnerabilities in Saurus CMS

Saurus CMS is a content management system. Saurus CMS suffers from multiple cross-site scripting vulnerabilities due to the program failing to properly process user-supplied input. This allows attackers to exploit this vulnerability to steal cookie-based authentication credentials, execute...

Multiple HTML Injection Vulnerabilities in FerretCMS

FerretCMS is a content management system. Multiple HTML injection vulnerabilities exist in FerretCMS, which could be exploited by an attacker to execute arbitrary HTML and script code in the context of an affected application...

Marked Module Cross-Site Scripting Vulnerability

Marked Module is the Markdown parser. A cross-site scripting vulnerability exists in Marked Module because the program fails to properly filter user-supplied input. An attacker could use this vulnerability to execute arbitrary script code or steal cookie-based authentication credentials in the...

Exponent CMS 'index.php' Cross-Site Scripting Vulnerability

Exponent CMS is open source content management system. A cross-site scripting vulnerability exists in Exponent CMS 'index.php' because it fails to properly filter user-supplied input. An attacker may be able to exploit this vulnerability to execute arbitrary script code in an unsuspecting user's...

Kiwix Cross-Site Scripting Vulnerability

Kiwix is a free application for offline browsing of Wikipedia. Kiwix suffers from a cross-site scripting vulnerability due to the program failing to properly filter user-supplied input. An attacker could use this vulnerability to execute arbitrary script code or steal cookie-based authentication...

McAfee Data Loss Prevention Endpoint HTML Injection Vulnerability

McAfee Network Data Loss Prevention monitors network traffic and protects against data loss. An HTML injection vulnerability exists in McAfee Data Loss Prevention Endpoint, which could allow an attacker to execute arbitrary HTML and script code in the context of a user's browser at an affected si...

Multiple Cross-Site Scripting Vulnerabilities in Drupal Video Module

Drupal is a free and open source content management system developed in PHP. Multiple cross-site scripting vulnerabilities exist in the Drupal Video module because it fails to properly filter user-supplied input. An attacker could potentially exploit these vulnerabilities to execute arbitrary...

Multiple Cross-Site Scripting Vulnerabilities in Drupal Room Reservations Module

Drupal is a free and open source content management system developed in PHP. Multiple cross-site scripting vulnerabilities exist in the Drupal Room Reservations module because it fails to properly filter user-supplied input. An attacker could use these vulnerabilities to execute arbitrary script...

Fork CMS 'loadForm()' Function Cross-Site Scripting Vulnerability

Fork CMS is a CMS system developed in PHP. A cross-site scripting vulnerability exists in the Fork CMS 'loadForm' function due to the program failing to properly filter user-supplied input. An attacker could use this vulnerability to execute arbitrary script code or steal cookie-based...

Multiple Cross-Site Scripting Vulnerabilities in Ansible Tower

Ansible is simple configuration management, deployment, task execution, and multi-node authoring framework. Ansible Tower has multiple cross-site scripting vulnerabilities because it fails to properly filter user-supplied input. An attacker could potentially exploit these vulnerabilities to execu...