漏洞分类 — 跨站脚本

英文名字
XSS
CVE ID:
79
漏洞详情:
跨站脚本,即Cross Site Script (通常简写为XSS)是指攻击者利用网站程序对用户输入过滤不足,输入可以显示在页面上对其他用户造成影响的HTML代码,从而盗取用户资料、利用用户身份进行某种动作或者对访问者进行病毒侵害的一种攻击方式。

相关漏洞

SSV ID 漏洞名称
SSV-97263 Vlcms xss漏洞
SSV-97256 Multiple Vulnerabilities in TP-Link TL-SG108E(CVE-2017-17745, CVE-2017-17746, CVE-2017-17747)
SSV-97255 Multiple vulnerabilities in Loxone Smart Home
SSV-97252 AXIS Communications - Cross-Site Scripting / Content Injection(CVE-2015-8258)
SSV-97249 WordPress Plugin File Upload 4.3.3 - Stored Cross-Site Scripting (PoC)
SSV-97235 Catfish(鲶鱼) Blog V1.3.15存储型 xss
SSV-97220 EAadmin极简社区存在XSS反射型漏洞
SSV-97218 EAadmin极简社区存在XSS存储型漏洞
SSV-97216 Catfishcms_v4.7.18后台存储型XSS漏洞
SSV-97162 phpMyWindV5.4用户评论处存储型xss
SSV-97103 xiuno bbs xss漏洞
SSV-97078 rails_admin rails gem XSS vulnerability(CVE-2017-12098)
SSV-97077 Rails delayed_job_web XSS(CVE-2017-12097)
SSV-97053 ZKTeco ZKBioSecurity 3.0 Multiple XSS Vulnerabilities
SSV-97048 ZKTeco ZKAccess Security System 5.3.1 Stored XSS Vulnerability
SSV-97047 InfraPower PPS-02-S Q213V1 Multiple XSS Vulnerabilities
SSV-97038 Dell SonicWALL Global Management System GMS 8.1 XSS Vulnerabilities
SSV-97036 Dell SonicWALL Network Security Appliance NSA 6600 Reflected XSS
SSV-97035 Dell SonicWALL Secure Mobile Access SMA 8.1 XSS And WAF CSRF
SSV-97028 Easy!Appointments v1.2.1 Multiple Stored XSS Vulnerabilities
SSV-97027 NS International Train Tickets v7.31.4 Reflected XSS Vulnerability
SSV-97025 phpcms9.6.3后台存储型xss
SSV-96976 TrueConf Server v4.3.7 Multiple Remote Web Vulnerabilities
SSV-96975 SonicDICOM PACS 2.3.2 Multiple Stored Cross-Site Scripting Vulnerabilities
SSV-96967 Emby MediaServer 3.2.5 Reflected XSS Vulnerability
SSV-96963 Serviio PRO 1.8 DLNA Media Streaming Server (mediabrowser) DOM Based XSS
SSV-96959 华天动力OA系统登陆表单某参数可导致xss漏洞
SSV-96952 SimpleRisk v20170416-001 Reflected XSS Vulnerabilities
SSV-96949 Schneider Electric Pelco Sarix/Spectra Cameras Multiple XSS Vulnerabilities
SSV-96938 Dasan Networks GPON ONT WiFi Router H64X Series Cross-Site Request Forgery
SSV-96936 Allworx Server Manager Multiple Cross-Site Scripting Vulnerabilities
SSV-96777 HPE Baseline Smart Gig SFP 24 Switch Pre-authentication Stored XSS
SSV-96711 Webmin Multiple Vulnerabilities
SSV-96598 UCMS 站点设置界面 存在存储型xss漏洞
SSV-96571 优客365存储型XSS
SSV-96533 Moxa AWK-3131A Web Application Multiple Reflected Cross-Site Scripting Vulnerabilities(CVE-2016-8719)
SSV-96439 OpenFire 3.10.2 < 4.0.1 - Multiple Vulnerabilities
SSV-96434 FineCMS_5.0.10_XSS#5
SSV-96433 FineCMS_5.0.10_XSS#4
SSV-96432 FineCMS_5.0.10_XSS#3
SSV-96431 FineCMS_5.0.10_XSS#2
SSV-96430 FineCMS_5.0.10_XSS#1
SSV-96416 OURPHP 前台反射型XSS
SSV-96393 YxtCMF最新版一处XSS4
SSV-96391 YxtCMF最新版一处XSS3
SSV-96390 YxtCMF最新版一处XSS2
SSV-96389 YxtCMF最新版一处XSS
SSV-96380 zzcms8.1后台发站内信息存储型xss
SSV-96379 zzcms8.1后台多处存储型xss
SSV-96378 zzcms8.1后台类别存储型xss
SSV-96377 zzcms8.1后台存广告添加储型xss
SSV-96373 WeiPHP前台xss漏洞
SSV-96372 zzcms8.1后台存储型xss
SSV-96364 zzcms8.1一处存储型xss+csrf可盗取所有用户cookie
SSV-96324 OurPHP搜索框存储型 xss漏洞
SSV-96288 FineCMS 反射性xss
SSV-96272 FineCMS multi vulnerablity
SSV-96269 WP Statistics Authenticated XSS Vulnerability
SSV-96262 KindEditor 跨站脚本漏洞
SSV-96261 UEditor 跨站脚本漏洞
SSV-93208 OurPHP会员中心 xss漏洞
SSV-93205 Invision Power Board 4.1.19.2 XSS / CSRF / File Upload / Information Disclosure
SSV-93204 A Look at --- SharePoint's Follow Feature XSS(CVE-2017-8514 )
SSV-93187 OurPHP存储型xss
SSV-93134 国微CMS 多处反射型XSS
SSV-93099 Microsoft IIS Server XSS Vulnerability(CVE-2017-0055)
SSV-93082 Joomla! Core XSS Vulnerability(CVE-2017-7986)
SSV-93081 Joomla! Core XSS Vulnerability(CVE-2017-7985)
SSV-93057 OurPHP最新版 存储型xss
SSV-93053 WordPress Plugin Podlove Podcast Publisher Cross Site Scripting and SQL Injection Vulnerabilities
SSV-93052 WordPress Plugin All In One WP Security & Firewall Cross-Site Scripting
SSV-93049 Cross-Site Request Forgery (CSRF)/Cross-Site Scripting (XSS) Vulnerability in Twitter Cards Meta
SSV-93048 Authenticated Persistent Cross-Site Scripting (XSS) Vulnerability in wpDataTables Lite
SSV-93046 WordPress Plugin Social Share Buttons-Social Pug Cross-Site Scripting
SSV-93015 Cloudera Manager =< 5.5 Stored and reflected XSS (CVE-2016-4948)
SSV-93011 Cloudera HUE =< 3.9.0 is vulnerable to multiple stored XSS (CVE-2016-4946)
SSV-92995 PHPCMS V9 全版本反射型XSS
SSV-92920 WebKit: Use-After-Free via Document::adoptNode (CVE-2017-2468)
SSV-92863 DedeCMS 存储型xss漏洞
SSV-92855 Dedecms存在储存型跨站脚本漏洞
SSV-92845 WordPress Core before 4.7 Stored XSS
SSV-92829 pfsense 2.3.2 XSS Vulnerability
SSV-92814 Joomla 组件com_fabrik 反射型XSS漏洞
SSV-92811 MetInfo v5.3.15存在一处存储型XSS漏洞
SSV-92810 MetInfo5.3.15 存储型 XSS 漏洞(CVE-2017-6878)
SSV-92792 RoundCube Webmail邮件 <1.0.5 正文存储型XSS(CVE-2015-1433)
SSV-92784 Roundcube 邮件正文存储型跨站漏洞(CVE-2017-6820)
SSV-92757 Cross site scripting vulnerability in django-epiceditor(CVE-2017-6591)
SSV-92756 Epiceditor – Cross-Site Scripting(CVE-2017-6589)
SSV-92754 Cross Site Scripting injection vulnerability in SANADATA SanaCMS 7.3
SSV-92753 WordPress audio playlist functionality is affected by Cross-Site Scripting
SSV-92739 WordPress Plugin Corner Ad 1.0.7 - Cross-Site Scripting
SSV-92731 MDwiki <= v0.6.2 DomXSS Vulnerability
SSV-92666 Discuz!2.5-3.3版本存储型 XSS 漏洞
SSV-92665 jQuery Mobile redirect XSS vulnerability
SSV-92660 蝉知CMS v5.6 user-deny 反射型XSS漏洞
SSV-92545 Chrome 不当使用 Flash message loop 导致的 UXSS 漏洞(CVE-2016-1631)
SSV-92521 FCKEditor Core - (Editor 'spellchecker.php') Cross-Site Scripting
SSV-92458 Wordpress <= 4.6.1 Stored XSS Via Theme File
SSV-92439 Safari showModalDialog 方法 UXSS漏洞
京ICP备10040895号 京公网安备 11010502034610号 Copyright @ 404 Team from Knownsec. English