PEGA Platform versions 7.2 ML0 and below suffer from missing access control and cross site scripting vulnerabilities.
938c5f42465df06a9e5c4c2fc3e83ed2Orangescrum version 1.6.1 suffers from cross site scripting and remote file upload vulnerabilities.
9693daf187246491e666ce159587cc45Vodafone Italia's webmail system suffers from a cross site scripting vulnerability that can be leveraged via an incoming email.
d0d7db3a1272f4db6715ac4f88d6f69fApache Open Meetings version 3.2.0 suffers from a cross site scripting vulnerability.
9e8232ac589f00d065c50a41985205d0Sitecore CMS version 8.2 suffers from cross site scripting and file disclosure vulnerabilities.
4858233c0ae712bdc0b065aba7a0cab1RSA Authentication Manager versions 8.2 SP1 and below suffer from a stored cross site scripting vulnerability.
ae44f3bc0782d5d9b8cbf572c21a6d09Multiple RSA Identity Governance and Lifecycle products suffer from remote file upload and cross site scripting vulnerabilities. Affected products include RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all patch levels, RSA Via Lifecycle and Governance version 7.0, all patch levels, and RSA Identity Management and Governance (RSA IMG) versions 6.9.1, all patch levels.
e4d5560e1af72698b914df2a682e9f6bRed Hat Security Advisory 2017-1739-01 - OpenStack Dashboard provides administrators and users with a graphical interface to access, provision, and automate cloud-based resources. Security Fix: A cross-site scripting flaw was discovered in the OpenStack dashboard which allowed remote authenticated administrators to conduct XSS attacks using a crafted federation mapping rule. For this flaw to be exploited, federation mapping must be enabled in the dashboard.
95af0406275f158f0085ef9a2ede7899AGFEO Smart Home ES 5xx / 6xx versions 1.9b and 1.10 suffers from authentication bypass, cross site scripting, and hard-coded private key vulnerabilities.
d8b060c4416bc13adecea2847e56ea96ObjectPlanet Opinio versions 7.6.3 and below suffer from a cross site scripting vulnerability.
2c6e538a5255abbbe63a715b422d9339RaidenHTTPD version 2.0.44 suffers from a cross site scripting vulnerability via the user-agent header.
280b6748678ae5a593570faa3573d0a8HP Security Bulletin HPESBGN03762 1 - Potential security vulnerabilities have been identified in HPE Network Node Manager i. The vulnerabilities could be remotely exploited to allow bypass security restrictions, cross-site scripting (XSS), and/or URL redirection. Revision 1 of this advisory.
0381a18a7544fb7fb594274929cf5fe3Shenzhen C-Data CD7201 with software version 2.4.6b and firmware version 7.1.0 suffer from authentication bypass, command injection, and cross site scripting vulnerabilities.
2f2406c1fed6720250bfb64cda0f49c8Rise Ultimate Project Manager version 1.8 suffers from a cross site scripting vulnerability.
777631a23b625f4d7d95e352bf19262cPulse Connect Secure version 8.3R1 suffer from cross site scripting and cross site request forgery vulnerabilities.
f881d55ec2c771f14be93daa0a0887bfYaws server version2.0 suffers from multiple cross site scripting vulnerabilities.
e8a85c148e887e014427c7e9c438d040Xenforo Forum CMS version 1.5.13 suffers from a persistent cross site scripting vulnerability.
4049540e25d622043fb619c1860d275bWebmin version 1.840 suffers from a cross site scripting vulnerability.
bb51602cc1da9c4e34fe8d5f821ccdd0Humax Digital HG100R version 2.0.6 suffers from backup disclosure, root credential disclosure, and cross site scripting vulnerabilities.
d929ed2b472ae8a416c2a4ab898c7996RSA Archer GRC version 6.2.0.2 suffers from bypass, cross site request forgery, information disclosure, open redirection, and cross site scripting vulnerabilities.
6cf471214abe6297b8b4c071b0aa43fdMicrosoft Dynamic CRM 2016 versions SP1 and below suffer from a cross site scripting vulnerability.
6edb82874ea081b8edfc3b1e81d10c4dTrihedral VTScada versions prior to 11.2.26 suffer from resource consumption, cross site scripting, and information disclosure vulnerabilities.
cb976665ca752634c866774df96acaffKaspersky Anti-Virus for Linux File Server version 8.0.3.297 suffers from remote code execution, cross site request forgery, cross site scripting, security bypass, information disclosure, and path traversal vulnerabilities.
834309bd7c681fce682800c2b27a31c0Red Hat Security Advisory 2017-1598-01 - OpenStack Dashboard provides administrators and users with a graphical interface to access, provision, and automate cloud-based resources. The following packages have been upgraded to a later upstream version: python-django-horizon. Security Fix: A cross-site scripting flaw was discovered in the OpenStack dashboard which allowed remote authenticated administrators to conduct XSS attacks using a crafted federation mapping rule. For this flaw to be exploited, federation mapping must be enabled in the dashboard.
81bf98fb7034529dc78cf4721c28a1f4PHPMailer versions prior to 5.2.23 suffer from a cross site scripting vulnerability.
805a38cbb28d9f509ff048255eec6de7
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed