映射到 CWE-79 的搜索结果 (7902)

CVE-2018-8168(发布:2018-05-09 15:29:02)NMS
CVSS3.5

[原文]An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint. This CVE ID is unique from CVE-2018-8149, CVE-2018-8155, CVE-2018-8156.

CVE-2018-8911(发布:2018-05-09 09:29:00)NM
CVSS3.5

[原文]Cross-site scripting (XSS) vulnerability in Attachment Preview in Synology Note Station before 2.5.1-0844 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments.

CVE-2018-8912(发布:2018-05-09 09:29:00)NM
CVSS3.5

[原文]Cross-site scripting (XSS) vulnerability in SYNO.NoteStation.Note in Synology Note Station before 2.5.1-0844 allows remote authenticated users to inject arbitrary web script or HTML via the commit_msg parameter.

CVE-2018-6510(发布:2018-05-08 14:29:00)NM
CVSS3.5

[原文]A cross-site scripting vulnerability in Puppet Enterprise Console of Puppet Enterprise allows a user to inject scripts into the Puppet Enterprise Console when using the Orchestrator. Affected releases are Puppet Puppet Enterprise: 2017.3.x versions prior to 2017.3.6.

CVE-2018-6511(发布:2018-05-08 14:29:00)NM
CVSS3.5

[原文]A cross-site scripting vulnerability in Puppet Enterprise Console of Puppet Enterprise allows a user to inject scripts into the Puppet Enterprise Console when using the Puppet Enterprise Console. Affected releases are Puppet Puppet Enterprise: 2017.3.x versions prior to 2017.3.6.

CVE-2018-1413(发布:2018-05-07 09:29:00)NMS
CVSS3.5

[原文]IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138819.

首页上一页23456789下一页尾页 第4页 / 共1317页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站