Latest Security News about xss vulnerability

Contact US For API Security>

Persistent XSS vulnerability in filename of attached file in PrivateBin

Overview : PrivateBin versions 1.2.0 before 1.2.2, and 1.3.0 before 1.3.2 has an Arbitrary File Upload Vulnerability Affected Product(s) : PrivateBin versions 1.2.0 before 1.2.2, and 1.3.0 before 1.3.2 Vulnerability Details : CVE ID : CVE-2020-5223 In PrivateBin versions 1.2.0 before 1.2.2, and 1.3.0 before 1.3.2, a persistent XSS attack is possible. Under certain conditions, […]

Contact US For API Security>

phpbb 3.0.x-3.0.6 has an XSS vulnerability

Overview : some issues found in phpbb 3.0.x-3.0.6 with an XSS vulnerability. Affected Product(s) : phpbb 3.0.x-3.0.6 Vulnerability Details : CVE ID : CVE-2019-12419 phpbb 3.0.x-3.0.6 has an XSS vulnerability via the [flash] BB tag. Solution : Source Package Release Version Status phpbb3 (PTS) jessie 3.0.12-5+deb8u1 fixed jessie (security) 3.0.12-5+deb8u4 fixed Package Type Release Fixed […]

Contact US For API Security>

Etherpad-Lite 1.7.5 has an XSS Vulnerability

Overview : templates/pad.html in Etherpad-Lite 1.7.5 has XSS when the browser does not encode the path of the URL, as demonstrated by Internet Explorer. Affected Product(s) : Etherpad-Lite 1.7.5 Vulnerability Details : CVE ID : CVE-2019-18209 The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks. The vulnerability exists due to insufficient […]

Contact US For API Security>

XSS vulnerability on Apache JSPWiki

Overview : On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the remember parameter on some of the JSPs, which could allow the attacker to execute javascript in the victim’s browser and get some sensitive information about the victim. Affected Product(s) […]

Contact US For API Security>

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server

  Overview : A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0893. Reference Key Each reference used in CVE has the following structure: SOURCE: NAME SOURCE is an [...]