Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

CVE-2023-33793: Stored Cross Site Scripting Vulnerability in "Create Power Panels" function in Netbox 3.5.1 · Issue #1 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Power Panels (/dcim/power-panels/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

CVE
Open in Source
#xss#vulnerability#web#auth
CVE-2023-33794: Stored Cross Site Scripting Vulnerability in "Create Tenants" function in Netbox 3.5.1 · Issue #5 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Tenants (/tenancy/tenants/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

CVE-2022-42225: Multiple XSS

Jumpserver 2.10.0 <= version <= 2.26.0 contains multiple stored XSS vulnerabilities because of improper filtering of user input, which can execute any javascript under admin's permission.

CVE-2023-33788: Stored Cross Site Scripting Vulnerability in "Create Providers" function in Netbox 3.5.1 · Issue #3 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Providers (/circuits/providers/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

CVE-2023-33787: Stored Cross Site Scripting Vulnerability in "Create Tenant Groups" function in Netbox 3.5.1 · Issue #6 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Tenant Groups (/tenancy/tenant-groups/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

CVE-2023-33786: Stored Cross Site Scripting Vulnerability in "Create Circuit Types" function in Netbox 3.5.1 · Issue #2 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Circuit Types (/circuits/circuit-types/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

CVE-2023-33789: Stored Cross Site Scripting Vulnerability in "Create Contact Groups" function in Netbox 3.5.1 · Issue #7 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Contact Groups (/tenancy/contact-groups/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

CVE-2023-33785: Stored Cross Site Scripting Vulnerability in "Create Rack Roles" function in Netbox 3.5.1 · Issue #8 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Rack Roles (/dcim/rack-roles/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

CVE-2023-33790: Stored Cross Site Scripting Vulnerability in "Create Locations" function in Netbox 3.5.1 · Issue #9 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Locations (/dcim/locations/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

GHSA-pfwc-4frf-4gf8: Cross-site scripting in Liferay Portal

Cross-site scripting (XSS) vulnerability in Layout module in Liferay Portal 7.3.4 through 7.4.3.68, and Liferay DXP 7.3 before update 24, and 7.4 before update 69 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a container type layout fragment's `URL` text field.