映射到 CWE-79 的搜索结果 (7787)

CVE-2018-5799(发布:2018-03-30 09:29:00)NMP
CVSS4.3

[原文]In Zoho ManageEngine ServiceDesk Plus before 9403, an XSS issue allows an attacker to run arbitrary JavaScript via a /api/request/?OPERATION_NAME= URI, aka SD-69139.

CVE-2018-9130(发布:2018-03-30 04:29:00)NM
CVSS4.3

[原文]IBOS 4.4.3 has XSS via a company full name.

CVE-2018-9140(发布:2018-03-30 04:29:00)NM
CVSS4.3

[原文]On Samsung mobile devices with M(6.0) software, the Email application allows XSS via an event attribute and arbitrary file loading via a src attribute, aka SVE-2017-10747.

CVE-2014-6604(发布:2018-03-29 14:29:00)NM
CVSS4.3

[原文]Cross-site scripting (XSS) vulnerability in class-s2-list-table.php in the Subscribe2 plugin before 10.16 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ip parameter.

CVE-2018-6586(发布:2018-03-29 09:29:00)NMPS
CVSS4.3

[原文]CA API Developer Portal 3.5 up to and including 3.5 CR6 has a stored cross-site scripting vulnerability related to profile picture processing.

CVE-2018-6587(发布:2018-03-29 09:29:00)NMP
CVSS4.3

[原文]CA API Developer Portal 3.5 up to and including 3.5 CR6 has a reflected cross-site scripting vulnerability related to the widgetID variable.

首页上一页12345678下一页尾页 第3页 / 共1298页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站