Skip to main content

66 docs tagged with "JavaScript_Programming_language"

View all tags

CVE-2000-0081

Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attack

CVE-2000-0085

Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attack

CVE-2007-0045

Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and

CVE-2007-0099

Race condition in the msxml3 module in Microsoft XML Core Services 3.0, as used in Internet Explorer

CVE-2007-0127

The Javascript SVG support in Opera before 9.10 does not properly validate object types in a createS

CVE-2007-0186

Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass SSL VPN allow remote attackers to

CVE-2009-0070

Integer signedness error in Apple Safari allows remote attackers to read the contents of arbitrary m

CVE-2011-0003

MediaWiki before 1.16.1, when user or site JavaScript or CSS is enabled, allows remote attackers to

CVE-2012-6464

Cross-site scripting (XSS) vulnerability in Opera before 12.10 allows remote attackers to inject arb

CVE-2013-6430

The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring

CVE-2016-6585

A Denial of Service vulnerability exists in Symantec Norton Mobile Security for Android prior to 3.1

CVE-2016-6586

A security bypass vulnerability exists in Symantec Norton Mobile Security for Android before 3.16, w

CVE-2018-0483

A vulnerability in Cisco Jabber Client Framework (JCF) could allow an authenticated, remote attacker

CVE-2018-11798

The Apache Thrift Node.js static web server in versions 0.9.2 through 0.11.0 have been determined to

CVE-2018-1657

IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting. This vulnerabil

CVE-2018-18005

Cross-site scripting in event_script.js in VIVOTEK Network Camera Series products with firmware 0x06

CVE-2018-18244

Cross-site scripting in syslog.html in VIVOTEK Network Camera Series products with firmware 0x06x to

CVE-2018-1918

IBM Jazz Reporting Service (JRS) 6.0.3, 6.0.4, 6.0.5, and 6.0.6 is vulnerable to cross-site scriptin

CVE-2018-1951

IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting. This vulnerabil

CVE-2018-6096

A JavaScript focused window could overlap the fullscreen notification in Fullscreen in Google Chrome

CVE-2018-6160

JavaScript alert handling in Prompts in Google Chrome prior to 68.0.3440.75 allowed a remote attacke

CVE-2018-8827

The admin web interface on Technicolor MediaAccess TG789vac v2 HP devices with firmware v16.3.7190-2

CVE-2019-14918

XSS in the DHCP lease-status table in Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows

CVE-2019-17001

A Content-Security-Policy that blocks in-line scripts could be bypassed using an object tag to execu

CVE-2019-17020

If an XML file is served with a Content Security Policy and the XML file includes an XSL stylesheet,

CVE-2019-18652

A DOM based XSS vulnerability has been identified on the WatchGuard XMT515 through 12.1.3, allowing

CVE-2019-19494

Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allow

CVE-2019-19495

The web interface on the Technicolor TC7230 STEB 01.25 is vulnerable to DNS rebinding, which allows

CVE-2020-23849

Stored XSS was discovered in the tree mode of jsoneditor before 9.0.2 through injecting and executin

CVE-2020-26297

mdBook is a utility to create modern online books from Markdown files and is written in Rust. In mdB

CVE-2020-28464

This affects the package djv before 2.1.4. By controlling the schema file, an attacker can run arbit

CVE-2020-29496

Dell Wyse Management Suite versions prior to 3.1 contain a stored cross-site scripting vulnerability

CVE-2020-29497

Dell Wyse Management Suite versions prior to 3.1 contain a stored cross-site scripting vulnerability

CVE-2020-4663

IBM Engineering Requirements Quality Assistant On-Premises is vulnerable to cross-site scripting. Th

CVE-2020-4664

IBM Engineering Requirements Quality Assistant On-Premises is vulnerable to cross-site scripting. Th

CVE-2020-4666

IBM Engineering Requirements Quality Assistant On-Premises is vulnerable to cross-site scripting. Th

CVE-2020-4691

IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users

CVE-2020-4697

IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users

CVE-2020-4733

IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users

CVE-2020-4838

IBM API Connect 5.0.0.0 through 5.0.8.10 is vulnerable to stored cross-site scripting. This vulnerab

CVE-2020-4892

IBM Emptoris Contract Management 10.1.3 is vulnerable to cross-site scripting. This vulnerability al

CVE-2020-4895

IBM Emptoris Strategic Supply Management 10.1.0, 10.1.1, and 10.1.3 is vulnerable to stored cross-si

CVE-2020-4909

IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to e

CVE-2020-4910

IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to e

CVE-2020-4916

IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to e

CVE-2020-5497

The OpenID Connect reference implementation for MITREid Connect through 1.3.3 allows XSS due to user

CVE-2020-6836

grammar-parser.jison in the hot-formula-parser package before 3.0.1 for Node.js is vulnerable to arb

CVE-2020-6847

OpenTrade through 0.2.0 has a DOM-based XSS vulnerability that is executed when an administrator att

CVE-2020-8160

MendixSSO <= 2.1.1 contains endpoints that make use of the openid handler, which is suffering from a

CVE-2021-21447

SAP BusinessObjects Business Intelligence platform, versions 410, 420, allows an authenticated attac

CVE-2021-23933

OX App Suite through 7.10.4 allows XSS via JavaScript in a Note referenced by a mail:// URL.

CVE-2021-23934

OX App Suite through 7.10.4 allows XSS via a contact whose name contains JavaScript code.

CVE-2021-23935

OX App Suite through 7.10.4 allows XSS via an appointment in which the location contains JavaScript

CVE-2021-32821

MooTools is a collection of JavaScript utilities for JavaScript developers. All known versions inclu

CVE-2021-38895

IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 is vulnerable to cross-site scripting. This vulne

CVE-2021-43852

OroPlatform is a PHP Business Application Platform. In affected versions by sending a specially craf

CVE-2021-43942

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrar

CVE-2021-43960

Lorensbergs Connect2 3.13.7647.20190 is affected by an XSS vulnerability. Exploitation requires admi

CVE-2021-44649

Django CMS 3.7.3 does not validate the plugin_type parameter while generating error messages for an

CVE-2021-45979

Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary cod

CVE-2021-45980

Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary cod

CVE-2022-21662

WordPress is a free and open-source content management system written in PHP and paired with a Maria

CVE-2022-21671

@replit/crosis is a JavaScript client that speaks Replit's container protocol. A vulnerability that

CVE-2022-21676

Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communi

CVE-2022-34322

Multiple XSS issues were discovered in Sage Enterprise Intelligence 2021 R1.1 that allow an attacker

CVE-2022-34323

Multiple XSS issues were discovered in Sage XRT Business Exchange 12.4.302 that allow an attacker to