10 matches found
CVE-2013-10074
Nagios XI versions prior to 2012R2.6 are vulnerable to cross-site scripting XSS via the Tools Menu of the web interface. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
EUVD-2013-7285
Nagios XI versions prior to 2012R2.6 are vulnerable to cross-site scripting XSS via the Tools Menu of the web interface. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2013-10074
Nagios XI versions prior to 2012R2.6 are vulnerable to cross-site scripting XSS via the Tools Menu of the web interface. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2013-10074 Nagios XI < 2012R2.6 XSS via Tools Menu
Nagios XI versions prior to 2012R2.6 are vulnerable to cross-site scripting XSS via the Tools Menu of the web interface. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2013-10074
Nagios XI ≤ 2012R2.5 is vulnerable to cross-site scripting (XSS) via the Tools Menu in the web interface due to insufficient validation/escaping of user input. The Red Hat advisory and multiple sources confirm the issue affects Nagios XI prior to 2012R2.6, enabling an attacker to inject and execu...
CVE-2013-10074 Nagios XI < 2012R2.6 XSS via Tools Menu
Nagios XI versions prior to 2012R2.6 are vulnerable to cross-site scripting XSS via the Tools Menu of the web interface. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
PT-2025-44536
Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 2012R2.6 Description Nagios XI is susceptible to cross-site scripting XSS through the Tools Menu of its web interface. Insufficient validation or escaping of user-supplied input could allow an attacker to inject and...
MAL-2025-836 Malicious code in hubspottoolsmenu (npm)
--- -= Per source details. Do not edit below this line.=-...
CVE-2015-6406
CVE-2015-6406 describes a directory traversal vulnerability in Cisco Emergency Responder’s Tools menu. Affected software is Cisco Emergency Responder 10.5(1.10000.5). The root cause is improper sanitization of user-supplied input that forms a filename, allowing authenticated, remote attackers to ...
XSS vulnerability in the "import word document" page action through the page name
On the "import word document" page action the name of the confluence page is a persistent xss vector as it is not encoded. How to Reproduce: 1. Create a confluence page with the following title noformat XSS"/alert'XSS' noformat 2. Navigate to the created page 3. Under the tools menu select "Impor...