2 matches found
CVE-2022-22126 Openmct XSS via the “Web Page” element
Openmct versions 1.3.0 to 1.7.7 are vulnerable against stored XSS via the “Web Page” element, that allows the injection of malicious JavaScript into the ‘URL’ field. This issue affects: nasa openmct 1.7.7 version and prior versions; 1.3.0 version and later versions...
Lepton-CMS Cross-Site Scripting Vulnerability
LeptonCMS is a content management system CMS for the Lepton project. Lepton-CMS 4.7.0 suffers from a cross-site scripting vulnerability that can be exploited by an attacker to inject an XSS payload into the URL field of an administrative page, which is triggered whenever an administrator accesses...