An authenticated user could submit scripting to fields that lack proper input and output sanitization leading to subsequent client-side script execution.
CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
vulnerability exists when an authenticated user modifies configuration parameters on the web server
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability
exists in Certificates page on Webserver that could cause an unvalidated data injected by aut
This vulnerability occurs when user-supplied input is improperly sanitized and then reflected back to the user's browser, allowing an attacker to execute arbitrary JavaScript in the context of the vic
A Stored Cross-Site Scripting vulnerability was discovered in the Assets and Nodes functionality due to improper validation of an input parameter. An authenticated user with custom fields privileges c
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause condition where authenticated attackers can have a victim’s browser ru
CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
vulnerability exists when an authenticated attacker modifies folder names within the context of
the product
Due to missing input sanitization, an attacker can perform cross-site-scripting attacks and run arbitrary Javascript in the browser of other users. The "File Name" page (/cgi/uset.cgi?-cfilename) in t
CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Improper Input validation leads to XSS or Cross-site Scripting vulnerability in OpenText Advanced Authentication. This issue affects Advanced Authentication versions before 6.5.
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability
exists impacting PLC system variables that could cause an unvalidated data injected by authen
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability
exists impacting configuration file paths that could cause an unvalidated data injected by au
A stored cross-site scripting vulnerability exists in FS model S3150-8T2F switches running firmware s3150-8t2f-switch-fsos-220d_118101 and web firmware v2.2.2, which allows an authenticated web interf
An Improper Input Validation in UISP Application could allow a Command Injection by a malicious actor with High Privileges and local access.
Missing sanitation of inputs allowed arbitrary users to conduct a stored XSS attack that triggers for users that view a certain project
A stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2025x allows an attacker
A stored Cross-Site Scripting (XSS) vulnerability exists in the qureydetails.php page of Institute-of-Current-Students 1.0, where the input fields for Query and Answer do not properly sanitize user in
Page 1+ Next →