Lucene search
+L

5 matches found

huntr
huntr
added 2021/08/23 8:10 a.m.7 views

Cross-site Scripting (XSS) - Reflected in erikdubbelboer/phpredisadmin

✍️ Description The application is vulnerable to XFS attack. 🕵️‍♂️ Proof of Concept Navigate to https://domain.tld/phpRedisAdmin/?https://www.eia.gov/state/maps The page https://www.eia.gov/state/maps.php will be loaded in an iframe on the page. 💥 Impact Cross-Frame Scripting XFS is an attack that...

0.8AI score
Exploits0References1
cisco
cisco
added 2019/09/18 4:0 p.m.41 views

Cisco HyperFlex Software Cross-Frame Scripting Vulnerability

A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to execute a cross-frame scripting XFS attack on an affected device. This vulnerability is due to insufficient HTML iframe protection. An attacker could exploit this vulnerabilit...

6.5CVSS0.8AI score0.01206EPSS
Exploits0References1
prion
prion
added 2017/10/05 7:29 a.m.19 views

Cross site scripting

A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to execute a cross-frame scripting XFS attack. The vulnerability exists because the affected software does not provide sufficient protections for HTML inline frames iframes...

4.3CVSS6.2AI score0.01686EPSS
Exploits0References3
cisco
cisco
added 2017/10/04 4:0 p.m.96 views

Cisco Unified Communications Manager Cross-Frame Scripting Vulnerability

A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to execute a cross-frame scripting XFS attack. The vulnerability exists because the affected software does not provide sufficient protections for HTML inline frames iframes...

4.7CVSS6.3AI score0.01686EPSS
Exploits0References1
cisco
cisco
added 2016/01/05 7:30 a.m.44 views

Cisco Prime Infrastructure Frame Injection Vulnerability

A vulnerability in the web interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to execute a cross-frame scripting XFS attack. The vulnerability is due to insufficient HTML iframe protection. An attacker could exploit this vulnerability by directing a user to an...

4.3CVSS5AI score0.00875EPSS
Exploits0References1
Rows per page
Query Builder