CVE-2025-67634 Software Acquisition Guide Supplier Response Web Tool XSS

The CISA Software Acquisition Guide Supplier Response Web Tool before 2025-12-11 was vulnerable to cross-site scripting via text fields. If an attacker could convince a user to import a specially-crafted JSON file, the Tool would load JavaScript from the file into the page. The JavaScript would...

CVE-2025-67634 Software Acquisition Guide Supplier Response Web Tool XSS

The CISA Software Acquisition Guide Supplier Response Web Tool before 2025-12-11 was vulnerable to cross-site scripting via text fields. If an attacker could convince a user to import a specially-crafted JSON file, the Tool would load JavaScript from the file into the page. The JavaScript would...

The vulnerability of the web-based collaboration tool for planning, creating, managing, and executing tests at all stages of the IBM Engineering Test Management cycle exists due to the lack of protective measures for the website structure. This allows attackers to execute arbitrary JavaScript code.

The vulnerability of the web-based collaboration tool for planning, creating, managing, and executing tests at all stages of the development cycle in IBM Engineering Test Management exists due to the lack of protective measures for the website structure. Exploiting this vulnerability allows a...

phpMyAdmin cross-site scripting vulnerability (CNVD-2016-12700)

phpmyadmin is an online management tool for MySQL databases. A cross-site scripting vulnerability exists in phpMyAdmin. Due to the use of a vulnerable JavaScript library, an attacker can exploit the vulnerability to launch a cross-site scripting attack...