An ActiveMQ Discovery service was reachable by default from an OpenEdge Management installation when an OEE/OEM auto-discovery feature was activated. Unauthorized access to the discovery service's UDP port allowed content injection into parts of the OEM web interface making it possible for other types of attack that could spoof or deceive web interface users. Unauthorized use of the OEE/OEM discovery service was remediated by deactivating the discovery service by default.
In Progress Flowmon before 12.2.0, an application endpoint failed to sanitize user-supplied input. A threat actor could leverage a reflected XSS vulnerability to execute arbitrary code within the context of a Flowmon user's web browser.
An issue was discovered in Progress MOVEit Automation Web Admin. A Web Admin application endpoint failed to adequately sanitize malicious input, which could allow an unauthenticated attacker to execute arbitrary code in a victim's browser, aka XSS. This affects 2018 - 2018.0 prior to 2018.0.3, 2018 SP1 - 2018.2 prior to 2018.2.3, 2018 SP2 - 2018.3 prior to 2018.3.7, 2019 - 2019.0 prior to 2019.0.3, 2019.1 - 2019.1 prior to 2019.1.2, and 2019.2 - 2019.2 prior to 2019.2.2.
Cross-site scripting (XSS) vulnerability in Ipswitch WhatsUp Gold 15.02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the SNMP system name of the attacking host.
Reflected XSS (via AngularJS sandbox escape expressions) exists in Progress Ipswitch WS_FTP Server 8.6.0. This can lead to execution of malicious code and commands on the client due to improper handling of user-provided input. By inputting malicious payloads in the subdirectory searchbar or Add folder filename boxes, it is possible to execute client-side commands. For example, there is Client-Side Template Injection via subFolderPath to the ThinClient/WtmApiService.asmx/GetFileSubTree URI.
In Progress WS_FTP Server prior to version 8.7.3, multiple reflected cross-site scripting (XSS) vulnerabilities exist in the administrative web interface. It is possible for a remote attacker to inject arbitrary JavaScript into a WS_FTP administrator's web session. This would allow the attacker to execute code within the context of the victim's browser.
Cross-site scripting (XSS) vulnerability in Identity Server in Progress Sitefinity CMS versions 10.0 through 11.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to login request parameters, a different vulnerability than CVE-2018-17053.
Cross-site scripting (XSS) vulnerability in Identity Server in Progress Sitefinity CMS versions 10.0 through 11.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to login request parameters, a different vulnerability than CVE-2018-17054.
Cross-site scripting (XSS) vulnerability in Progress Kendo UI Editor v2018.1.221 allows remote attackers to inject arbitrary JavaScript into the DOM of the WYSIWYG editor because of the editorNS.Serializer toEditableHtml function in kendo.all.min.js. If the victim accesses the editor, the payload gets executed. Furthermore, if the payload is reflected at any other resource that does rely on the sanitisation of the editor itself, the JavaScript payload will be executed in the context of the application. This allows attackers (in the worst case) to take over user sessions.
Cross-site scripting (XSS) vulnerability in ServiceStack in Progress Sitefinity CMS versions 10.2 through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
In Progress WhatsUp Gold prior to version 21.1.0, an application endpoint failed to adequately sanitize malicious input. which could allow an unauthenticated attacker to execute arbitrary code in a victim's browser.
Cross-site scripting (XSS) vulnerability in Telerik.ReportViewer.WebForms.dll in Telerik Reporting for ASP.NET WebForms Report Viewer control before R1 2017 SP2 (11.0.17.406) allows remote attackers to inject arbitrary web script or HTML via the bgColor parameter to Telerik.ReportViewer.axd.
In WS_FTP Server versions before 8.8.5, reflected cross-site scripting issues have been identified on various user supplied inputs on the WS_FTP Server administrative interface.
In Progress MOVEit Transfer versions released before 2022.0.9 (14.0.9), 2022.1.10 (14.1.10), 2023.0.7 (15.0.7), a reflected cross-site scripting (XSS) vulnerability has been identified when MOVEit Gateway is used in conjunction with MOVEit Transfer. An attacker could craft a malicious payload targeting the system which comprises a MOVEit Gateway and MOVEit Transfer deployment. If a MOVEit user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victim’s browser.
In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a reflected cross-site scripting (XSS) vulnerability exists in WS_FTP Server's Ad Hoc Transfer module. An attacker could leverage this vulnerability to target WS_FTP Server users with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser.
In Progress MOVEit Transfer versions released before 2021.1.8 (13.1.8), 2022.0.8 (14.0.8), 2022.1.9 (14.1.9), 2023.0.6 (15.0.6), a reflected cross-site scripting (XSS) vulnerability has been identified in MOVEit Transfer's web interface. An attacker could craft a malicious payload targeting MOVEit Transfer users during the package composition procedure. If a MOVEit user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser.
In Progress WhatsUp Gold before 23.0.0, an SNMP-related application endpoint failed to adequately sanitize malicious input. This could allow an unauthenticated attacker to execute arbitrary code in a victim's browser, aka XSS.
Multiple cross-site scripting (XSS) vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to inject arbitrary web script or HTML via (1) an SNMP OID object, (2) an SNMP trap message, (3) the View Names field, (4) the Group Names field, (5) the Flow Monitor Credentials field, (6) the Flow Monitor Threshold Name field, (7) the Task Library Name field, (8) the Task Library Description field, (9) the Policy Library Name field, (10) the Policy Library Description field, (11) the Template Library Name field, (12) the Template Library Description field, (13) the System Script Library Name field, (14) the System Script Library Description field, or (15) the CLI Settings Library Description field.
In Progress WhatsUp Gold before 22.1.0, an SNMP MIB Walker application endpoint failed to adequately sanitize malicious input. This could allow an unauthenticated attacker to execute arbitrary code in a victim's browser.
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potential XSS by privileged users in Sitefinity to media libraries.
In Progress MOVEit Transfer 2019.1 before 2019.1.4 and 2019.2 before 2019.2.1, a REST API endpoint failed to adequately sanitize malicious input, which could allow an authenticated attacker to execute arbitrary code in a victim's browser, aka XSS.
In Progress MOVEit Transfer before 2020.1, a malicious user could craft and store a payload within the application. If a victim within the MOVEit Transfer instance interacts with the stored payload, it could invoke and execute arbitrary code within the context of the victim's browser (XSS).
Improper Neutralization of Input During CMS Backend (adminstrative section) Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Progress Sitefinity.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200 through 15.0.8229, from 15.1.8300 through 15.1.8327, from 15.2.8400 through 15.2.8421.
In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within Alert Center. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser.
Progress Sitefinity 9.1 has XSS via file upload, because JavaScript code in an HTML file has the same origin as the application's own code. This is fixed in 10.1.
Progress Sitefinity 9.1 has XSS via the Content Management Template Configuration (aka Templateconfiguration), as demonstrated by the src attribute of an IMG element. This is fixed in 10.1.
Progress Sitefinity 9.1 has XSS via the Last name, First name, and About fields on the New User Creation Page. This is fixed in 10.1.
Potential Cross-Site Scripting (XSS) in the page editing area.
In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within a device group. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser.
In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within Roles. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser.
In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within a dashboard component. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser.
In WS_FTP Server version prior to 8.8.2, a stored cross-site scripting (XSS) vulnerability exists in WS_FTP Server's Management module. An attacker with administrative privileges could import a SSL certificate with malicious attributes containing cross-site scripting payloads. Once the cross-site scripting payload is successfully stored, an attacker could leverage this vulnerability to target WS_FTP Server admins with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser.
Progress Sitefinity before 15.0.0 allows XSS by authenticated users via the content form in the SF Editor.
iThemes Exchange before 1.12.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_location XSS.
Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (XSS) via a crafted set of UI gestures. (Chromium security severity: Medium)
The LH Copy Media File plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.08. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Agustin Berasategui AB Categories Search Widget allows Reflected XSS.This issue affects AB Categories Search Widget: from n/a through 0.2.5.
The PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer – DearFlip plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'pdf_source' parameter in all versions up to, and including, 2.3.32 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
The wp-google-map-plugin plugin before 2.3.7 for WordPress has XSS related to the add_query_arg() and remove_query_arg() functions.
WebKit in Safari in Apple Mac OS X 10.4.11 and 10.5.1, iPhone 1.0 through 1.1.2, and iPod touch 1.1 through 1.1.2 allows remote attackers to "navigate the subframes of any other page," which can be leveraged to conduct cross-site scripting (XSS) attacks and obtain sensitive information.
The WordPress Affiliates Plugin — SliceWP Affiliates plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.1.20. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
The relevant plugin before 1.0.8 for WordPress has XSS.
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
A vulnerability was found in Gouniverse GoLang CMS 1.4.0. It has been declared as problematic. This vulnerability affects the function PageRenderHtmlByAlias of the file FrontendHandler.go. The manipulation of the argument alias leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.4.1 is able to address this issue. The patch is identified as 3e661cdfb4beeb9fe2ad507cdb8104c0b17d072c. It is recommended to upgrade the affected component.
The two-factor-authentication plugin before 1.1.10 for WordPress has XSS in the admin area.
The WP Booking Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via several parameters from 'timeline_obj' in all versions up to, and including, 10.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
2Checkout Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
An issue was discovered in OpenTSDB 2.3.0. There is XSS in parameter 'type' to the /suggest URI.
The xpinner-lite plugin through 2.2 for WordPress has xpinner-lite.php XSS.