| Contact US For API Security> |
Overview : some issues found in phpbb 3.0.x-3.0.6 with an XSS vulnerability. Affected Product(s) : phpbb 3.0.x-3.0.6 Vulnerability Details : CVE ID : CVE-2019-12419 phpbb 3.0.x-3.0.6 has an XSS vulnerability via the [flash] BB tag. Solution : Source Package Release Version Status phpbb3 (PTS) jessie 3.0.12-5+deb8u1 fixed jessie (security) 3.0.12-5+deb8u4 fixed Package Type Release Fixed […]
| Contact US For API Security> |
Overview : templates/pad.html in Etherpad-Lite 1.7.5 has XSS when the browser does not encode the path of the URL, as demonstrated by Internet Explorer. Affected Product(s) : Etherpad-Lite 1.7.5 Vulnerability Details : CVE ID : CVE-2019-18209 The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks. The vulnerability exists due to insufficient […]
| Contact US For API Security> |
Overview : On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the remember parameter on some of the JSPs, which could allow the attacker to execute javascript in the victim’s browser and get some sensitive information about the victim. Affected Product(s) […]
| Contact US For API Security> |
Overview : A Cross-Site Scripting (XSS) vulnerability exists in the description field of an Download RSS item or Contacts in Freebox OS Web interface 3.0.2, which allows malicious users to execute arbitrary code. Affected Product(s) : Freebox OS Web interface 3.0.2 Vulnerability Details : CVE ID : CVE-2014-9405 Freebox allows users to create VPN connections […]
| Contact US For API Security> |
Overview : Pearson eSIS (Enterprise Student Information System) message board has stored XSS due to improper validation of user input Affected Product(s) : Pearson eSIS Enterprise Student Information System Vulnerability Details : CVE ID : CVE-2014-1454 To reproduce the issue a Super User account is needed. After that is accomplished one needs to log in, […]
