7 matches found
CVE-2025-62267
Multiple cross-site scripting XSS vulnerabilities in web content template’s select structure page in Liferay Portal 7.4.3.35 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, 7.4 update 35 through update 92 allow remote attackers to inject arbitrary we...
CVE-2021-47689 Nagios XI < 5.8.0 Core Config Manager (CCM) XSS via Templates Pages
The Core Config Manager CCM in Nagios XI versions prior to CCM 3.1.0 / Nagios XI 5.8.0 contais a cross-site scripting XSS vulnerability in the Templates pages, specifically in the UI logic that renders and handles the Active/Actions buttons. Insufficient validation or escaping of user-supplied...
CVE-2025-59990
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the template creation pages that, when visited by another user, enable the attacker to execute commands with the target's...
CVE-2025-59990
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the template creation pages that, when visited by another user, enable the attacker to execute commands with the target's...
CVE-2025-59990
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the template creation pages that, when visited by another user, enable the attacker to execute commands with the target's...
CVE-2025-59990 Junos Space: Template creation pages are vulnerable to reflected cross-site script injection
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the template creation pages that, when visited by another user, enable the attacker to execute commands with the target's...
CVE-2002-1651
CVE-2002-1651 describes a cross-site scripting (XSS) vulnerability in the Verity Search97 product. The issue arises from certain error messages in template pages that use the (1) vformat and (2) vfilter functions, enabling remote attackers to inject arbitrary web content and potentially access se...