Skip to main content
CVE-2015-2250 MEDIUM POC PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in concrete5 before 5.7.4 allow remote attackers to inject arbitrary web script or HTML via the (1) banned_word[] parameter to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XSS PHP Concrete5
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-0634 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the administrative interface in Cisco WebEx Meetings Server 2.5 and 2.5.0.997 allows remote attackers to inject arbitrary web script or HTML via a crafted. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Webex Meetings Server
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-0734 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Email Security Appliance (ESA) 8.5.6-106 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Email Security Appliance Firmware
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-0728 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Cisco Access Control Server (ACS) 5.5(0.1) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuu11002. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Secure Access Control System
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-0727 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the HTTP module in Cisco Security Manager (CSM) 4.7(0)SP1(1) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Security Manager
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-0724 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in dncs 7.0.0.12 in Cisco Headend Digital Broadband Delivery System allow remote attackers to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Headend Digital Broadband Delivery System
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-3989 MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in concrete5 before 5.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to private messages or other. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Concrete5
NVD
CVSS 2.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy