GitHub 跨站脚本漏洞

GitHub is a hosting platform for open source and private software projects. A cross-site scripting vulnerability exists in the GitHub repository chatwoot/chatwoot and prior versions, which stems from a lack of proper validation of client-side data by the web application. An attacker can exploit...

TotoLink A3002RU 跨站脚本漏洞

Totolink TOTOLINK A3002RU is a wireless router product from Gion Electronics Totolink, Taiwan, China.A cross-site scripting vulnerability exists in TOTOLINK A3002R V1.1.1-B20200824, which stems from the lack of proper validation of client-side data by the WEB application. An attacker could use th...

RainbowFish PacsOne Server 跨站脚本漏洞

RainbowFish PacsOne Server is an image archiving and communication system server from RainbowFish Rainbowfish, which is used to save incoming images. A cross-site scripting vulnerability exists in versions of RainbowFish PacsOne Server prior to 7.1.1, which stems from the lack of proper validatio...

OSIsoft PI Vision Cross-Site Scripting Vulnerability (CNVD-2020-44877)

OSIsoft PI Vision is a suite of visualization tools from OSIsoft, Inc. that supports accessing PI System data from mobile devices. It supports self-configuration of trends, images, data values, and more in order to present data information. A cross-site scripting vulnerability exists in OSIsoft P...

Zabbix SIA Zabbix Cross-Site Scripting Vulnerability

Zabbix SIA Zabbix is an open source monitoring system from the Latvian company Zabbix SIA. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring. Zabbix SIA A cross-site scripting vulnerability exists in Zabbix. The vulnerability stems from a lack ...

CloudBees Jenkins Matrix Project Plugin Cross-Site Scripting Vulnerability (CNVD-2020-43166)

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Matrix Project Plugin is used in one of the...

Mattermost Server Cross-Site Scripting Vulnerability (CNVD-2020-48229)

Mattermost Server is the United States Mattermost company's set of open source messaging platform. A cross-site scripting vulnerability exists in Mattermost Server versions prior to 4.3.0, prior to 4.2.1, and prior to 4.1.2. The vulnerability stems from a lack of proper validation of client data ...

Mattermost Server Cross-Site Scripting Vulnerability (CNVD-2020-35461)

Mattermost Server is the United States Mattermost company's set of open source messaging platform. A cross-site scripting vulnerability exists in Mattermost Server versions prior to 3.1.0. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An...

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-27216)

The NETGEAR RBK50, among others, is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in multiple NETGEAR products, which stems from a lack of proper validation of client data by a WEB application and can be exploited by an attacker to execute client-side code...

NETGEAR RBR50, RBS50 and RBK50 Cross-Site Scripting Vulnerabilities

The NETGEAR RBK50, among others, is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in the NETGEAR RBR50 version prior to 2.3.5.30, RBS50 version prior to 2.3.5.30, and RBK50 version prior to 2.3.5.30, which stems from the lack of proper validation of client-side data ...

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-27214)

The NETGEAR RBK50, among others, is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in the NETGEAR RBR50 version prior to 2.3.5.30, RBS50 version prior to 2.3.5.30, and RBK50 version prior to 2.3.5.30, which stems from the lack of proper validation of client-side data ...

NETGEAR RAX40 Cross-Site Scripting Vulnerability (CNVD-2020-24162)

The NETGEAR RAX40 is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in the NETGEAR RAX40 prior to version 1.0.3.62, which stems from a lack of proper validation of client-side data by the WEB application and can be exploited by an attacker to execute client-side code...

NETSAS Enigma NMS Cross-Site Scripting Vulnerability (CNVD-2020-18995)

NETSAS Enigma NMS is a suite of network management and monitoring tools from NETSAS Australia. A cross-site scripting vulnerability exists in NETSAS Enigma NMS version 65.0.0 and earlier. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An...

SolarWinds Orion Platform Cross-Site Scripting Vulnerability

SolarWinds Orion Platform is a network fault and network performance management platform from SolarWinds, Inc. The platform provides real-time monitoring and analysis of network devices and supports a customizable web interface, multiple user opinions, and a mapped view of the entire network. A...

Ignite Realtime Openfire Cross-Site Scripting Vulnerability (CNVD-2020-01244)

Ignite Realtime Openfire is the Ignite Realtime community of a Java development and based on XMPP formerly known as Jabber, Instant Messaging Protocol cross-platform open source real-time collaboration RTC server , it can build a highly efficient instant messaging server , and supports tens of...

Ignite Realtime Openfire Cross-Site Scripting Vulnerability (CNVD-2020-01243)

Ignite Realtime Openfire is the Ignite Realtime community of a Java development and based on XMPP formerly known as Jabber, Instant Messaging Protocol cross-platform open source real-time collaboration RTC server , it can build a highly efficient instant messaging server , and supports tens of...

NETCORE Netis DL4323 Cross-Site Scripting Vulnerability (CNVD-2020-01648)

NETCORE Netis DL4323 is a multi-function modem from China's NETCORE. A cross-site scripting vulnerability exists in the NETCORE Netis DL4323, which stems from the lack of proper validation of client data by the WEB application, and can be exploited by an attacker to execute client code...

NETCORE Netis DL4323 Cross-Site Scripting Vulnerability

NETCORE Netis DL4323 is a multi-function modem from China's NETCORE. A cross-site scripting vulnerability exists in the NETCORE Netis DL4323, which stems from the lack of proper validation of client data by the WEB application, and can be exploited by an attacker to execute client code...

Intelbras WRN 150 Cross-Site Scripting Vulnerability

Intelbras WRN 150 is a wireless router from Intelbras Poland. A cross-site scripting vulnerability exists in Intelbras WRN 150. The vulnerability stems from the lack of proper validation of client data by the WEB application. An attacker can exploit the vulnerability to execute client-side code...

Jiangnan Online Judge Cross-Site Scripting Vulnerability

Jiangnan Online Judge is an online evaluation system for computer programming. The system is mainly used for compiling and executing the source code submitted by users and checking the correctness of the program source code. A cross-site scripting vulnerability exists in Jiangnan Online Judge...