Latest Security News about xss vulnerability

Contact US For API Security>

phpbb 3.0.x-3.0.6 has an XSS vulnerability

Overview : some issues found in phpbb 3.0.x-3.0.6 with an XSS vulnerability. Affected Product(s) : phpbb 3.0.x-3.0.6 Vulnerability Details : CVE ID : CVE-2019-12419 phpbb 3.0.x-3.0.6 has an XSS vulnerability via the [flash] BB tag. Solution : Source Package Release Version Status phpbb3 (PTS) jessie 3.0.12-5+deb8u1 fixed jessie (security) 3.0.12-5+deb8u4 fixed Package Type Release Fixed […]

Contact US For API Security>

Etherpad-Lite 1.7.5 has an XSS Vulnerability

Overview : templates/pad.html in Etherpad-Lite 1.7.5 has XSS when the browser does not encode the path of the URL, as demonstrated by Internet Explorer. Affected Product(s) : Etherpad-Lite 1.7.5 Vulnerability Details : CVE ID : CVE-2019-18209 The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks. The vulnerability exists due to insufficient […]

Contact US For API Security>

XSS vulnerability on Apache JSPWiki

Overview : On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the remember parameter on some of the JSPs, which could allow the attacker to execute javascript in the victim’s browser and get some sensitive information about the victim. Affected Product(s) […]

Contact US For API Security>

Pearson eSIS message board has stored XSS vuln

Overview : Pearson eSIS (Enterprise Student Information System) message board has stored XSS due to improper validation of user input Affected Product(s) : Pearson eSIS Enterprise Student Information System Vulnerability Details : CVE ID : CVE-2014-1454 To reproduce the issue a Super User account is needed. After that is accomplished one needs to log in, […]