映射到 CWE-79 的搜索结果 (7400)

CVE-2017-5258(发布:2017-12-20 17:29:00)NM
CVSS3.5

[原文]In version 3.5 and prior of Cambium Networks ePMP firmware, an attacker who knows or can guess the RW community string can provide a URL for a configuration file over SNMP with XSS strings in certain SNMP OIDs, serve it via HTTP, and the affected device will perform a configuration restore using the attacker's supplied config file, including the inserted XSS strings.

CVE-2017-5257(发布:2017-12-20 17:29:00)NM
CVSS3.5

[原文]In version 3.5 and prior of Cambium Networks ePMP firmware, an attacker who knows (or guesses) the SNMP read/write (RW) community string can insert XSS strings in certain SNMP OIDs which will execute in the context of the currently-logged on user.

CVE-2017-5256(发布:2017-12-20 17:29:00)NM
CVSS3.5

[原文]In version 3.5 and prior of Cambium Networks ePMP firmware, all authenticated users have the ability to update the Device Name and System Description fields in the web administration console, and those fields are vulnerable to persistent cross-site scripting (XSS) injection.

CVE-2011-4955(发布:2017-12-20 17:29:00)NMO
CVSS4.3

[原文]Multiple cross-site scripting (XSS) vulnerabilities in ui_stats.php in the bSuite plugin before 5 alpha 3 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) s or (2) p parameters to index.php.

CVE-2017-1751(发布:2017-12-20 13:29:01)NMS
CVSS3.5

[原文]IBM Robotic Process Automation with Automation Anywhere 10.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 135546.

CVE-2017-1600(发布:2017-12-20 13:29:01)NMPS
CVSS3.5

[原文]IBM Security Guardium 10.0 Database Activity Monitor is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 132613.

首页上一页23456789下一页尾页 第4页 / 共1234页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站