映射到 CWE-79 的搜索结果 (7080)

CVE-2017-1199(发布:2017-08-03 11:29:00)NMS
CVSS3.5

[原文]IBM InfoSphere Master Data Management Server 10.0, 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 123674.

CVE-2017-11320(发布:2017-08-03 04:29:00)NP
CVSS4.3

[原文]Persistent XSS through the SSID of nearby Wi-Fi devices on Technicolor TC7337 routers 08.89.17.20.00 allows an attacker to cause DNS Poisoning and steal credentials from the router.

CVE-2017-9459(发布:2017-08-02 15:29:01)NMS
CVSS4.3

[原文]Cross-site scripting (XSS) vulnerability in the management web interface in Palo Alto Networks PAN-OS before 6.1.18, 7.x before 7.0.16, 7.1.x before 7.1.11, and 8.x before 8.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2017-9467(发布:2017-08-02 15:29:01)NMS
CVSS4.3

[原文]Cross-site scripting (XSS) vulnerability in the GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.18, 7.x before 7.0.16, 7.1.x before 7.1.11, and 8.x before 8.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2017-9244(发布:2017-08-02 15:29:00)NM
CVSS4.3

[原文]Cross-site scripting (XSS) vulnerability in the Trello app before 4.0.8 for iOS might allow remote attackers to inject arbitrary web script or HTML by uploading and attaching a crafted photo to a Card.

CVE-2015-2690(发布:2017-08-02 15:29:00)NMCP
CVSS4.3

[CNNVD]FreePBX‘admin/config.php’跨站脚本漏洞--FreePBX(前称Asterisk Management Portal)是FreePBX项目的一套通过GUI(基于网页的图形化接口)配置Asterisk(IP电话系统)的工具。 FreePBX 12.0.43及之前版本中存在跨站脚本漏洞,该漏洞源于程序没有充分过滤用户提交的输入...

首页上一页23456789下一页尾页 第4页 / 共1180页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站