CVE-2021-29805

IBM Tivoli Netcool/OMNIbusGUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 20426...

CVE-2021-21588

Dell EMC PowerFlex, v3.5.x contain a Cross-Site WebSocket Hijacking Vulnerability in the Presentation Server/WebUI. An unauthenticated attacker could potentially exploit this vulnerability by tricking the user into performing unwanted actions on the Presentation Server and perform which may lead ...

IBM Cloud Pak for Applications 跨站脚本漏洞

IBM Cloud Pak for Applications is an enterprise containerized application development runtime platform that helps you modernize existing applications, embed additional security, and develop new applications for developing digital initiatives.A cross-site scripting vulnerability exists in IBM Clou...

IBM Cloud Pak for Applications跨站脚本漏洞

IBM Cloud Pak for Applications is an application from IBM America, Inc. Provides cloud-native development solutions that deliver value quickly. A cross-site scripting vulnerability exists in IBM Cloud Pak for Applications v4.3, which allows a user to embed arbitrary JavaScript code in the Web UI ...

IBM Cloud Pak for Applications 跨站脚本漏洞

IBM Cloud Pak for Applications is an application from IBM USA, Inc. IBM Cloud Pak for Applications has a security vulnerability that stems from the fact that Cloud Pak for Applications allows users to embed arbitrary JavaScript code in the Web UI to change the intended functionality. An attacker...

CVE-2021-29712

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 200966...

IBM Jazz for Service Management和IBM Tivoli Netcool/OMNIbus_GUI 跨站脚本漏洞

IBM Tivoli Netcool/OMNIbus is a service-level management SLM system that provides real-time, centralized monitoring of complex networks and IT domains. web GUI is a web-based application version of the system that displays event data from multiple data sources in a variety of graphical formats in...

IBM InfoSphere Information Server 跨站脚本漏洞

IBM InfoSphere Information Server is a set of data integration platforms from IBM in the United States. The platform can be used to integrate data information obtained from various sources. A cross-site scripting vulnerability exists in IBM InfoSphere Information Analyzer that allows a user to...

The vulnerability of the fly-qdm GUI input software, related to a code error, allows a intruder to access confidential data.

The vulnerability of the fly-qdm GUI login software lies in the absence of a warning when an outdated password is used during password changes. Exploiting this vulnerability allows a remote attacker to gain access to confidential data...

CVE-2020-4935

IBM Datacap Fastdoc Capture IBM Datacap Navigator 9.1.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...

Huawei Emui and Magic UI processing logic error vulnerability

Huawei Emui is a mobile operating system developed on Android. magic Ui is a mobile operating system developed on Android. Huawei Emui and Magic UI are vulnerable to a processing logic error, which stems from a configuration flaw in the device. An attacker could exploit the vulnerability to hijac...

Huawei Smartphone 访问控制错误漏洞

Huawei Emui is an Android-based mobile operating system. Huawei Magic UI is the operating system for Honor phones. Huawei EMUI/Magic UI is vulnerable to a DoS vulnerability, which can be exploited by attackers to cause a temporary denial of service...

华为智能手机缓冲区错误漏洞

Huawei phones are smartphones from Huawei, a Chinese company. A buffer error vulnerability exists in multiple Huawei smartphones, which stems from a memory buffer being restricted for improper operation. The vulnerability can be exploited by an attacker to cause code execution. The following...

CVE-2020-4935

IBM Datacap Fastdoc Capture IBM Datacap Navigator 9.1.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...

CVE-2021-20477

IBM Planning Analytics 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 196949...

CVE-2020-21142

Cross Site Scripting XSS vulnerabilty in IPFire 2.23 via the IPfire web UI in the mail.cgi...

CVE-2021-29775

IBM Business Automation Workflow 19.0.03 and 20.0 and IBM Cloud Pak for Automation 20.0.3-IF002 and 21.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...

IPFire 跨站脚本漏洞

IPFire is a hardened, versatile Linux-based open source firewall. A cross-site scripting vulnerability exists in IPFire version 2.23. The vulnerability can be exploited by an attacker to conduct cross-site scripting attacks via the IPfire web UI in mail.cgi...

IBM Planning Analytics 跨站脚本漏洞

IBM Planning Analytics is a suite of business planning and analytics solutions from IBM USA. The solution supports automated execution of processes such as business planning, budgeting and analysis. A cross-site scripting vulnerability exists in IBM Planning Analytics Local, which stems from a...

IBM Security Verify 跨站脚本漏洞

IBM Security Verify Privilege Vault is a privileged access management solution that enables IT administrators and IT security professionals to protect the privileges of all services, applications, roots and administrator accounts across the enterprise. A cross-site scripting vulnerability exists ...