6 matches found
CVE-2025-10254
A vulnerability was found in Ascensio System SIA OnlyOffice up to 12.7.0. This issue affects some unknown processing of the file /Products/Projects/Messages.aspx of the component SVG Image Handler. Performing manipulation results in cross site scripting. The attack may be initiated remotely. The...
CVE-2025-10255 Ascensio System SIA OnlyOffice Comment Messages.aspx cross site scripting
A vulnerability was determined in Ascensio System SIA OnlyOffice up to 12.7.0. Impacted is an unknown function of the file /Products/Projects/Messages.aspx of the component Comment Handler. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit h...
Solarwinds WebHelpDesk 跨站脚本漏洞
SolarWinds Web Help Desk is a web-based help desk work order and IT asset management software. A cross-site scripting vulnerability exists in SolarWinds Web Help Desk 12.7.0. The vulnerability can be exploited to conduct a cross-site scripting attack via a CSV template file with a specially craft...
CVE-2019-16955
SolarWinds Web Help Desk 12.7.0 allows XSS via an uploaded SVG document in a request...
Solarwinds WebHelpDesk 跨站脚本漏洞
SolarWinds Web Help Desk is a web-based help desk work order and IT asset management software. A cross-site scripting vulnerability exists in SolarWinds Web Help Desk 12.7.0. An attacker can exploit this vulnerability to conduct a cross-site scripting attack via an SVG document uploaded in a...
Solarwinds WebHelpDesk 跨站脚本漏洞
SolarWinds Web Help Desk is a web-based help desk work order and IT asset management software. A cross-site scripting vulnerability exists in SolarWinds Web Help Desk 12.7.0. The vulnerability can be exploited to conduct cross-site scripting attacks via the "name" field of a user account...