YouTube.com suffers from a cross site scripting flaw in the hidden form field "field_sendmessage_subject".
1fe92e0e7d355275ef0b2103ee8b3133cb508661ea26a7d4c7f338966026333cThe Juniper Networks DX System log is vulnerable to a persistent, unauthenticated XSS attack. This vulnerability can be exploited by an attacker to obtain full administrative access to the Juniper DX appliance. Versions 5.1.x are affected.
a1ed4a3e719624facdc99fa06c2d783d53aeb9a14ae8ced2f440bd4576ba2f62A vulnerability has been identified in the Cisco Secure ACS session management architecture which could be exploited by an attacker to obtain full administrative access to the web interface and thus all managed assets (routers, switches, 802.1x authenticated networks, etc). Cisco Secure ACS 4.x for Windows is affected. Legacy versions may also be affected.
fbf80693021296569355b9ad54cadd3aa96fd503cd199519dd68a9b42c2c781eThe Trend Micro Control Manager is vulnerable to a persistent, unauthenticated cross site scripting attack. Version 3.5 is affected. Earlier versions may also be affected.
c3d1d3bbbf78085ec649a55ccb2a77773e6db22a4402d09da1ae786cd449f05eGMail and Google Groups are vulnerable to an cross site scripting (XSS) attack due to their reliance on Content-Disposition to provide separation between the HTML file download and application scopes.
36c3caf867d3ffaeb99e710551c40b989b1ec886d122466cd3668d577cdf5d67Microsoft Internet Explorer Content-Disposition HTML File Handling Flaw
574a829b559c4c5a3baadc376478a5b2bd98146b0176aa0b1c002faa78f2dace
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed