A stored cross-site scripting (XSS) vulnerability has been identified in UEditor version 1.4.3.3. The vulnerability stems from the default configuration of config.json files within the ≤1.4.3.3 versions of UEditor, which permits the uploading of.swffiles. Furthermore, for versions ≥1.4.2 and ...
A stored cross-site scripting (XSS) vulnerability exists in LightCMS that allows an user authorized to upload a malicious .pdf file which acts as a stored XSS payload. If this stored XSS payload is triggered by an administrator it will t...
Found Stored Cross Site Scripting (XSS) vulnerability in SharePoint 2013 Hi @all, having penetrated our local SP 2013 farm we now have to deal with a Stored Cross Site Scripting Vulnerability which was found by the pentesters. What they did:Creating a new task element or every other...
在name输入alert(1) message输入a Safari要把“检查元素”关掉,不然会屏蔽xss 看看medium 对比看出name过滤不如message,只是替换script标签 大写绕过 name输入<SCRIPT>alert(1) message输入a 看看high name正则过滤script标签了,使用事件吧 name输入 message输入a 然而没反应 那还是用上次的链接方式吧 name输入aaa messa...
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct a cro
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack on an affected device. The vulnerability is due to
The following vulnerability was tested on the WSO2 API Manager version 2.6.0 Product. Issue 01: Stored Cross-Site Scripting. Figure 01:Choose “Edit Content” after creating a document. Figure 02:Clicked on </> to add XSS payload.
There is a stored cross-site scripting (XSS) vulnerability in eSpace Desktop. Due to the insufficient validation of the input, an authenticated, remote attacker could exploit this vulnerability to send abnormal messages to the system and perform a XSS attack. A successful exploit could cause the ...
There is a stored xss vulnerability exists in eova [Suggested description] Cross SIte Scripting (XSS) vulnerability exists in eova. Because the form submission did not effectively process the special characters entered by the user, the malicious JS code was executed....
//github.com/modrnProph3t/CVE/blob/main/CVE-2024-3378.md ## Description A stored Cross Site Scripting (XSS) vulnerability was found in the iboss Secure Web Gateway product. The vulnerability is exploited by submitting a login attempt, intercepting the request, and adding a payload to the ...