Lucene search
K
JvnMost viewed

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/07/19 3:32 a.m.•5 views

JBoss RichFaces vulnerable to remote code execution

Overview JBoss RichFaces contains a remote code execution vulnerability due to an issue with deserialization. JBoss RichFaces is a framework for integrating Ajax into web applications. JBoss RichFaces applications contain a deserialization interface where end users may provide input. This interfa...

7.5CVSS8.4AI score0.12662EPSS
Exploits1References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/06/03 5:28 a.m.•5 views

HP ProCurve 1700 series switches vulnerable to cross-site request forgery

Overview ProCurve 1700 series switches provided by Hewlett-Packard contain a cross-site request forgery vulnerability. Darren Willis of Fourteenforty Research Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

6.8CVSS6.5AI score0.00968EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/03/18 5:40 a.m.•5 views

VxWorks WebCLI vulnerable to denial-of-service (DoS)

Overview The VxWorks WebCLI contains a denial-of-service DoS vulnerability. The VxWorks WebCLI contains a denial-of-service DoS vulnerability due to an issue in parsing command strings. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC...

6.8CVSS6.7AI score0.01878EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/02/13 7:47 a.m.•5 views

Accela BizSearch Gateway Option for TeamWARE Spoofing Vulnerability

Overview Accela BizSearch Gateway Option for TeamWARE, when the TeamWARE Gateway and Single Sign-On are enabled, which allows remote attackers to spoof user accounts of TeamWARE Office under specified conditions. Impact A remote attacker could spoof user accounts of TeamWARE Office under specifie...

6.8CVSS6.8AI score
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/01/18 4:39 a.m.•5 views

Documents Pro (formerly Files HD) vulnerable to directory traversal

Overview Documents Pro provided by Olive Toast Software Ltd. contains a directory traversal vulnerability. Documents Pro provided by Olive Toast Software Ltd. is a document viewer for iOS devices. Documents Pro contains a directory traversal vulnerability. Keigo Yamazaki of LAC Co., Ltd reported...

7.5CVSS6.7AI score0.01839EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/12/06 3:40 a.m.•5 views

KENT-WEB ACCESS REPORT vulnerable to cross-site scripting

Overview ACCESS REPORT provided by KENT-WEB contains a cross-site scripting vulnerability. ACCESS REPORT provided by KENT-WEB is a software to analyze web access logs. ACCESS REPORT contains an issue in the processing of access logs, which may lead to a cross-site scripting vulnerability. Note th...

5CVSS6.1AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/11/16 5:10 a.m.•5 views

Monaca Debugger for Android information management vulnerability

Overview Monaca Debugger for Android contains an information management vulnerability. Monaca Debugger provided by Asial Corporation contains an issue where account information of the product or other information such as session IDs are saved in a log file. KuMaGa ShiRoIHi reported this...

5CVSS6.5AI score0.01354EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/11/02 5:23 a.m.•5 views

Pebble vulnerable to open redirect

Overview Pebble contains an open redirect vulnerability. Pebble is an open source weblog system. Pebble contains an open redirect vulnerability. Takahisa Kishiya reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impa...

5.8CVSS6.6AI score0.01305EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/10/31 6:1 a.m.•5 views

Mac OS X OpenSSH vulnerable to denial-of-service (DoS)

Overview The OpenSSH implementation in Mac OS X is vulnerable to denial-of-service. The OpenSSH implementation in Mac OS X is vulnerable to denial-of-service. MASAKI KATAYAMA of Appirits inc Cyber Security Laboratory reported this vulnerability to IPA. JPCERT/CC coordinated with the developer und...

5CVSS6.6AI score
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/10/26 5:0 a.m.•5 views

Tokyo BBS vulnerable to cross-site scripting

Overview Tokyo BBS contains a cross-site scripting vulnerability. Tokyo BBS provided by Come on Girls Interface contains a cross-site scripting vulnerability. Naohiko Tsuda reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

4.3CVSS6AI score0.01808EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/09/27 3:43 a.m.•5 views

Trend Micro Control Manager vulnerable to SQL injection

Overview Trend Micro Control Manager contains a SQL injection vulnerability. Trend Micro Control Manager contains a vulnerability in the ad hoc query module, which may result in SQL injection. Tom Gregory and Mada R Perdhana of Spentera reported this vulnerability to JPCERT/CC. JPCERT/CC...

7.5CVSS7.9AI score0.06089EPSS
Exploits5References10
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/09/25 4:40 a.m.•5 views

ATOK for Android issue in the access permissions for the learning information file

Overview ATOK for Android provided by JUST Systems, contains an issue in the access permissions for the learning information file. ATOK for Android provided by JUST Systems contains an issue where another application may access the learning information file which stores user input strings. Gaku...

4.3CVSS6.5AI score0.01204EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/09/20 3:33 a.m.•5 views

myLittleAdmin for SQL Server 2000 vulnerable to arbitrary script execution

Overview myLittleAdmin for SQL Server 2000 contains a vulnerability that may allow arbitrary script execution. myLittleAdmin for SQL server 2000 from myLittleTools is a web-based database management software.The management screen in myLittleAdmin for SQL server 2000 contains a vulnerability that...

4.3CVSS7.3AI score0.00931EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/09/07 7:40 a.m.•5 views

Cybozu KUNAI for Android vulnerable in the WebView class

Overview Cybozu KUNAI for Android contains a vulnerability in the WebView class. Cybozu KUNAI is a mobile client software for using Cybozu. Cybozu KUNAI for Android contains a vulnerability in the WebView class. Impact When there is a malicious file in the user's Android device, clicking a file:/...

4.3CVSS6.5AI score0.01191EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/17 6:58 a.m.•5 views

mixi for Android information management vulnerability

Overview mixi for Android contains an issue which stores friends' comments on a SD card. mixi for Android provided by mixi, Inc. contains an issue which stores friends' comments on a SD card, therefore other applications can access this information directly from the SD card. Kazuhiko Kusano of...

4.3CVSS6.6AI score0.01066EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/17 6:52 a.m.•5 views

Multiple GREE Android applications vulnerable in the WebView class

Overview Multiple Android applications provided by GREE contain a vulnerability in the WebView class. Multiple Android applications that use the SDK for HTML-based applications provided by GREE contain a vulnerability in the WebView class. Takeshi Terada of Mitsui Bussan Secure Directions, Inc.,...

4.3CVSS6.6AI score0.01066EPSS
Exploits0References12
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/13 6:0 a.m.•5 views

Yahoo! Browser vulnerable in the WebView class

Overview Yahoo! Browser contains a vulnerability in the WebView class. Yahoo! Browser is a web browser for Android devices. Yahoo! Browser contains a vulnerability in the WebView class. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinat...

4.3CVSS6.5AI score0.01204EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/06 8:24 a.m.•5 views

Movable Type plugin MT4i vulnerable to cross-site scripting

Overview MT4i contains a cross-site scripting vulnerability. MT4i is a Movable Type plugin. MT4i contains a cross-site scripting vulnerability. Note that this vulnerability is different from JVN80835745. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the...

4.3CVSS6.1AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/06 8:14 a.m.•5 views

Movable Type plugin MT4i vulnerable to cross-site scripting

Overview MT4i contains a cross-site scripting vulnerability. MT4i is a Movable Type plugin. MT4i contains a cross-site scripting vulnerability. Note that this vulnerability is different from JVN79111101. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the...

4.3CVSS6.1AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/01 5:9 a.m.•5 views

Puella Magi Madoka Magica iP for Android vulnerable to information disclosure

Overview Puella Magi Madoka Magica iP for Android contains an information disclosure vulnerability. Puella Magi Madoka Magica iP for Android has a function to link with a Twitter account. Puella Magi Madoka Magica iP for Android contains an issue where Twitter account credentials entered by a use...

4.3CVSS6.3AI score0.01066EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/01 5:6 a.m.•5 views

Segue vulnerable to SQL injection

Overview Segue contains a SQL injection vulnerability. Segue is a content management system. Segue contains a SQL injection vulnerability. Daiki Fukumori of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

7.5CVSS7.9AI score0.02341EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/25 6:43 a.m.•5 views

Roundcube Webmail vulnerable to cross-site scripting

Overview Roundcube webmail contains a cross-site scripting vulnerability. Roundcube Webmail is an open source webmail client from the Roundcube Webmail Project. Roundcube Webmail contains a cross-site scripting vulnerability. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this...

4.3CVSS6AI score0.01812EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/25 6:40 a.m.•5 views

Opera fails to verify SSL server certificates

Overview Opera contains an issue where it fails to verify SSL server certificates. Opera is a web browser. Opera contains an issue where it fails to verify SSL server certificates. Impact The user may unknowingly connect to a site that is using a certificate not authorized by a CA. As a result, t...

5.8CVSS6.5AI score0.00601EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/25 6:37 a.m.•5 views

RSSOwl vulnerable to arbitrary script execution

Overview RSSOwl is vulnerable to arbitrary script execution. RSSOwl is an RSS/Atom feed reader. RSSOwl is vulnerable to arbitrary script execution due to the improper processing during HTML page output based on feed information. Daiki Fukumori of Cyber Defense Institute, Inc. reported this...

4.3CVSS6.9AI score0.00931EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/25 6:34 a.m.•5 views

Sybase EAServer vulnerable to cross-site scripting

Overview EAServer contains a cross-site scripting vulnerability. EAServer provided by Sybase is an application server. EAServer contains a cross-site scripting vulnerability. Daiki Fukumori of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the develop...

4.3CVSS6.1AI score0.00931EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/15 7:56 a.m.•5 views

baserCMS vulnerable to session management

Overview baserCMS contains a vulnerability in session management. baserCMS is an open-source Contents Management System CMS. baserCMS contains a vulnerability in session management. Impact If a web server is hosting several websites, and baserCMS are installed on the respective websites, an...

5.1CVSS6.7AI score0.02699EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/26 5:21 a.m.•5 views

sp mode mail issue in the verification of SSL certificates

Overview sp mode mail contains an issue in the verification of the SSL server certificate. sp mode mail provided by NTT DOCOMO contains an issue in the verification of the SSL server certificate. Tsukasa Hamano of Open Source Solution Technology Corporation reported this vulnerability to IPA...

5.8CVSS6.7AI score0.00665EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/24 4:37 a.m.•5 views

Multiple JustSystems products vulnerable to buffer overflow

Overview Multiple products provided by JustSystems Corporation contain a buffer overflow vulnerability. Multiple products provided by JustSystems Corporation contain a buffer overflow vulnerability due to improper handling of image files. Tielei Wang of Georgia Tech Information Security Center...

9.3CVSS7.6AI score0.04227EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/05 7:41 a.m.•5 views

SENCHA SNS vulnerable to session fixation

Overview SENCHA SNS contains a session fixation vulnerability. SENCHA SNS is an open source SNS software. SENCHA SNS contains a session fixation vulnerability. Hiroshi Tokumaru of HASH Consulting Corp. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

5.8CVSS6.7AI score0.0118EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/03/13 4:36 a.m.•5 views

twicca fails to restrict access permissions

Overview twicca contains an issue where access permissions are not restricted. twicca is a client software for using Twitter. twicca contains an issue where access permissions are not restricted. Kazuhiko Kusano of Graduate School of Information Sciences, Tohoku University reported this...

5CVSS6.7AI score0.01563EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/02/23 5:20 a.m.•5 views

Movable Type vulnerable to cross-site scripting

Overview Movable Type contains a cross-site scripting vulnerability. mt-wizard.cgi and Movable Type templates contain a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version of each produ...

4.3CVSS6.2AI score0.0134EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/02/23 5:19 a.m.•5 views

Movable Type vulnerable to cross-site request forgery

Overview Movable Type contains a cross-site request forgery vulnerability. Movable Type contains a cross-site request forgery vulnerability in entering comments and community functionality. Impact If a user views a malicious page while logged in, settings may be changed, data may be viewed or...

6.8CVSS6.5AI score0.01082EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/01/20 7:15 a.m.•5 views

osCommerce vulnerable to cross-site scripting

Overview osCommerce contains a cross-site scripting vulnerability. osCommerce is an open source system for creating shopping websites. osCommerce contains a cross-site scripting vulnerability. Masako Oono reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Informati...

4.3CVSS6.1AI score0.01135EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/12/09 8:8 a.m.•5 views

FFFTP may insecurely load executable files

Overview FFFTP may use unsafe methods for determining how to load executables .exe FFFTP contains an issue when loading files, which may insecurely load executables or other files. This vulnerability is different from JVN62336482. Fumihiko Sano reported this vulnerability to IPA. JPCERT/CC...

9.3CVSS7.5AI score0.02192EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/12/08 8:15 a.m.•5 views

phpWebSite vulnerable to cross-site scripting

Overview phpWebSite contains a cross-site scripting vulnerability. phpWebSite is a content management system CMS. phpWebSite contains a cross-site scripting vulnerability. Daiki Fukumori of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...

4.3CVSS6.1AI score0.00921EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/11/04 8:36 a.m.•5 views

WebObjects vulnerable to cross-site scripting

Overview WebObjects provided by Apple, contains a cross-site scripting vulnerability. WebObjects provided by Apple is a web application server. WebObjects contains a cross-site scripting vulnerability. Daiki Fukumori of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC...

4.3CVSS5.9AI score0.00845EPSS
Exploits1References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/10/28 8:42 a.m.•5 views

Multiple D-Link products vulnerable to buffer overflow

Overview Multiple D-Link products contain a buffer overflow vulnerability. Multiple D-Link products contain a buffer overflow vulnerability due to a SSH implementation issue. Hisashi Kojima, Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated wit...

10CVSS7.7AI score0.05465EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/10/17 9:56 a.m.•5 views

Safari for iOS vulnerable to cross-site scripting

Overview Safari for iOS provided by Apple contains a cross-site scripting vulnerability. Safari for iOS provided by Apple does not support the "attachment" value for the HTTP Content-Disposition header, resulting in a cross-site scripting vulnerability. Yoshinori Ohta of Business Architects Inc...

4.3CVSS5.7AI score0.01821EPSS
Exploits1References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/10/14 8:53 a.m.•5 views

EC-CUBE vulnerable to SQL injection

Overview EC-CUBE contains a SQL injection vulnerability. EC-CUBE provided by LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains an issue in assembling SQL statements, leading to a SQL injection vulnerability. This vulnerability is different from JVN81111541...

7.5CVSS7.6AI score0.02334EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/10/13 9:58 a.m.•5 views

DAEMON Tools vulnerable to denial-of-service

Overview DAEMON Tools contains a denial-of-service DoS vulnerability. DAEMON Tools is a software for optical media emulation. DAEMON Tools contains a denial-of-service DoS vulnerability. Satoshi Tanda of Fourteenforty Research Institute Inc. reported this vulnerability to IPA. JPCERT/CC coordinat...

4.9CVSS6.5AI score0.00736EPSS
Exploits1References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/10/13 9:56 a.m.•5 views

Pligg vulnerable to cross-site scripting

Overview Pligg contains a cross-site scripting vulnerability. Pligg is a Content Management System CMS. Pligg contains a cross-site scripting vulnerability. Daiki Fukumori of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Informati...

4.3CVSS6.1AI score0.0098EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/10/11 10:28 a.m.•5 views

WEB FORUM vulnerable to cross-site scripting

Overview WEB FORUM provided by KENT-WEB contains a cross-site scripting vulnerability. WEB FORUM provided by KENT-WEB is a bulletin-board software. WEB FORUM contains a vulnerability in handling web form entries, which may result in cross-site scripting. ISHIBASHI,Tsuyoshi of Mitsui Bussan Secure...

4.3CVSS5.8AI score0.01403EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/10/11 12:0 a.m.•5 views

Enkai-kun vulnerable to cross-site scripting

Overview Enkai-kun provided by utage.org contains a cross-site scripting vulnerability. Ayumi Yamaguchi of Niconicom Co.,LTD. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may be execut...

5CVSS6.1AI score0.01086EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/09/30 9:45 a.m.•5 views

BaserCMS vulnerable to access restriction

Overview BaserCMS contains a vulnerability in access restriction. BaserCMS is an open-source Contents Management System CMS. BaserCMS contains a vulnerability in access restriction where adding a user in the user group "operators" which is created by default when BaserCMS is installed. Masako Ohn...

4.9CVSS6.6AI score0.01344EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/09/02 10:26 a.m.•5 views

GTK+ may insecurely load dynamic libraries

Overview GTK+ may use unsafe methods for determining how to load DLLs. GTK+ is a toolkit for developing applications with GUIs. GTK+ contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Naoto Katsumi of LAC Co., Ltd. reported this vulnerability to IP...

6.9CVSS7.4AI score0.0039EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/08/26 8:14 a.m.•5 views

Samba Web Administration Tool vulnerable to cross-site scripting

Overview Samba Web Administration Tool contains a cross-site scripting vulnerability. Samba Web Administration Tool SWAT allows for Samba configuration through a web interface. SWAT contains a cross-site scripting vulnerability. SWAT is disabled in a default configuration of Samba. nobuhiro tsuji...

2.6CVSS6AI score0.06293EPSS
Exploits0References21
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/08/16 7:44 a.m.•5 views

Aipo vulnerable to SQL injection

Overview Aipo contains a SQL injection vulnerability. Aipo from Aimluck, Inc. is groupware including functions such as scheduler and intra-office blogging. Aipo contains a SQL injection vulnerability. Tsuyoshi Yamaguchi of Digiplate, inc. reported this vulnerability to IPA. JPCERT/CC coordinated...

7.5CVSS7.6AI score0.01072EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/07/28 7:31 a.m.•5 views

Mozilla Firefox vulnerable to cross-site scripting

Overview Mozilla Firefox contains a cross-site scripting vulnerability. Mozilla Firefox contains a vulnerability in the rendering of Cascading Style Sheets CSS, which may result in cross-site scripting. Takeshi Terada of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA...

6.1CVSS5.7AI score0.00697EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/07/27 7:17 a.m.•5 views

Plone vulnerable to cross-site scripting

Overview Plone contains a cross-site scripting vulnerability. Plone is an open source content management system CMS. Plone contains a cross-site scripting vulnerability. Daiki Fukumori of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...

4.3CVSS6AI score0.01143EPSS
Exploits1References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/07/08 9:29 a.m.•5 views

Internet Explorer vulnerable to cross-site scripting

Overview Microsoft Internet Explorer contains a vulnerability in handling specific character encoding which may result in a cross-site scripting attack. Microsoft Internet Explorer contains a vulnerability in handling specific EUC-JP encoded characters, which may result in cross-site scripting...

2.6CVSS5.8AI score
Exploits0References3
Total number of security vulnerabilities5000