Northern.tech CFEngine Enterprise Mission Portal 3.24.0, 3.21.5, and below allows XSS. The fixed versions are 3.24.1 and 3.21.6.
Northern.tech CFEngine Enterprise before 3.21.8, 3.24.3, and 3.27.0 allows XSS.
Northern.tech CFEngine Enterprise 3.24.3 before 3.24.4 and 3.27.0 before 3.27.1 allows XSS.
Unauthenticated Cross Site Scripting (XSS) in JetEngine <= 3.8.9.1 versions.
NASA Fprime v3.4.3 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities.
A Cross-Site Scripting (XSS) vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl endpoint via the OTRSCustomerInterface parameter
Unauthenticated Cross Site Scripting (XSS) in JetEngine <= 3.8.10 versions.
Unauthenticated Cross Site Scripting (XSS) in JetEngine <= 3.8.10 versions.
Unauthenticated Cross Site Scripting (XSS) in CformsII <= 15.1.3 versions.
Halo v2.20.17 and before is vulnerable to Cross Site Scripting (XSS) in /halo_host/archives/{name}.
A Cross-Site Scripting (XSS) vulnerability was identified in the repository transfer feature of GitHub Enterprise Server, which allows attackers to steal sensitive user information via social engineer
Stored cross-site scripting (XSS) vulnerability in desknet's NEO versions V4.0R1.0–V9.0R2.0 allow execution of arbitrary JavaScript in a user’s web browser.
Intrexx Portal Server 12.x <= 12.0.2 and 11.x <= 11.9.2 allows XSS in multiple Velocity scripts.
AVE System Web Client v2.1.131.13992 was discovered to contain a cross-site scripting (XSS) vulnerability.
VMware NSX Manager UI is vulnerable to a stored Cross-Site Scripting (XSS) attack due to improper input validation.
Cervantes through 0.5-alpha allows stored XSS.
A stored cross-site scripting (XSS) vulnerability in the department assignment editing module of of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a cra
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NasaTheme Nasa Core nasa-core allows Stored XSS.This issue affects Nasa Core: from n/a through < 6
Enterprise Contract Management Portal v.22.4.0 is vulnerable to Stored Cross-Site Scripting (XSS) in its chat box component. This allows a remote attacker to execute arbitrary code. NOTE: the Supplier
A cross-site scripting (XSS) vulnerability in the component /index/index.html of YZNCMS v1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the configu
Page 1+ Next →