• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-12339

February 26, 2023 by

ArticleCMS through 2017-02-19 has XSS via an “add an article” action.

CVE-2018-12353

February 26, 2023 by

Knowage (formerly SpagoBI) 6.1.1 allows XSS via the name field to the “Business Model’s Catalogue” catalogue.

CVE-2018-12355

February 26, 2023 by

Knowage (formerly SpagoBI) 6.1.1 allows XSS via the name or description field to the “Olap Schemas’ Catalogue” catalogue.

CVE-2018-12297

February 26, 2023 by

Cross-site scripting in API error pages in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via URL path names.

CVE-2018-12299

February 26, 2023 by

Cross-site scripting in filebrowser in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via uploaded file names.

CVE-2018-12302

February 26, 2023 by

Missing HTTPOnly flag on session cookies in the Seagate NAS OS version 4.3.15.1 web application allows attackers to steal session tokens via cross-site scripting.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 500
  • Go to page 501
  • Go to page 502
  • Go to page 503
  • Go to page 504
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE