webworks-cms.de Improper Access Control vulnerability OBB-3777690

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

VMware ESX WebWorks Help Multiple XSS (VMSA-2009-0017) (remote check)

The remote VMware ESX host is missing a security-related patch. It is, therefore, affected by multiple cross-site scripting XSS vulnerabilities in WebWorks Help due to improper sanitization of user-supplied input to unspecified parameters or to messages used in topic links. A remote attacker can...

VMSA-2009-0017 : VMware vCenter, ESX patch and vCenter Lab Manager releases address XSS issues

a. WebWorks Help - Cross-site scripting vulnerability WebWorks Help is an output format that allows online Help to be delivered on multiple platforms and browsers, which makes it easy to publish information on the Web or on an enterprise intranet. WebWorks Help is used for creating the online hel...

VMware Server Multiple Cross-Site Scripting Vulnerabilities (Windows)

This host is installed with VMWare Server that is vulnerable to multiple Cross-Site Scripting vulnerabilities. OpenVAS Vulnerability Test $Id: secpodvmwareservermultxssvulndec09win.nasl 6518 2017-07-04 13:49:06Z cfischer $ VMware Server Multiple Cross-Site Scripting Vulnerabilities Windows Author...

VMware Server Multiple XSS Vulnerabilities - Windows

VMWare Server is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

VMware vCenter Lab Manager WebWorks Help跨站脚本漏洞

CVE ID：CVE-2009-3731 VMware vCenter Lab Manager使IT能够为开发测试创建和管理内部云，并通过自助访问研发、测试、配置和部署复杂的、多级别的应用程序所需的资源，为用户提供更高的服务等级。 WebWorks Help某个输出格式允许在线帮助在多种平台和浏览器上提交，可更加容易的在WEB或企业内网中发布信息。 WebWorks Help没有充分过滤入站请求，可导致内置WebWorks Help的应用程序触发跨站脚本攻击。 成功利用VMware产品中的此漏洞需要诱使用户点击恶意链接或在目标用户登录到vCenter时，ESX或VMware...

VMWare vCenter / ESX / WebWorks Help crossite scripting

No description provided...

CVE-2009-3731

Multiple cross-site scripting XSS vulnerabilities in WebWorks Help 2.0 through 5.0 in VMware vCenter 4.0 before Update 1 Build 208156; VMware Server 2.0.2; VMware ESX 4.0; VMware Lab Manager 2.x; VMware vCenter Lab Manager 3.x and 4.x before 4.0.1; VMware Stage Manager 1.x before 4.0.1; WebWorks...

CVE-2009-3731

Multiple cross-site scripting XSS vulnerabilities in WebWorks Help 2.0 through 5.0 in VMware vCenter 4.0 before Update 1 Build 208156; VMware Server 2.0.2; VMware ESX 4.0; VMware Lab Manager 2.x; VMware vCenter Lab Manager 3.x and 4.x before 4.0.1; VMware Stage Manager 1.x before 4.0.1; WebWorks...

CVE-2009-3731

CVE-2009-3731 describes multiple cross-site scripting (XSS) vulnerabilities in WebWorks Help used by VMware products (e.g., vCenter/ESX/Server, Lab Manager, Stage Manager). The root cause is insufficient sanitization of inbound input in WebWorks Help output formats, enabling remote attackers to i...

VMSA-2009-0017:VMware vCenter, ESX patch and vCenter Lab Manager releases address cross-site scripting issues

VMSA-2009-0017 VMware vCenter, ESX patch and vCenter Lab Manager releases address cross-site scripting issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2009-0017 VMware Security Advisory Synopsis: VMware vCenter, ESX patch and vCenter Lab Manager releases address...