漏洞分类 - 跨站脚本 - XSS - 知道创宇 Seebug 漏洞平台

漏洞分类 — 跨站脚本

英文名字: XSS

CVE ID：: 79

漏洞详情：: 跨站脚本，即Cross Site Script (通常简写为XSS)是指攻击者利用网站程序对用户输入过滤不足，输入可以显示在页面上对其他用户造成影响的HTML代码，从而盗取用户资料、利用用户身份进行某种动作或者对访问者进行病毒侵害的一种攻击方式。

相关漏洞

SSV ID	提交时间	漏洞等级	漏洞名称	漏洞状态	人气 \| 评论
SSV-62056	2014-04-03		Review Board Search Field跨站脚本漏洞		758 \| 0
SSV-62040	2014-04-02		IBM WebSphere Portal Web Content Manager UI 跨站脚本漏洞		1444 \| 0
SSV-62036	2014-04-02		OTRS Help Desk跨站脚本漏洞		645 \| 0
SSV-62041	2014-04-02		IBM WebSphere Portal跨站脚本漏洞		891 \| 0
SSV-62039	2014-04-02		Cisco Unity Connection Web Inbox跨站脚本漏洞		1306 \| 0
SSV-62033	2014-04-02		EMC VPLEX GeoSynchrony会话固定漏洞		514 \| 0
SSV-62023	2014-04-01		Synology DiskStation Manager跨站脚本漏洞		1433 \| 0
SSV-62019	2014-04-01		ZOHO ManageEngine OpStor多个跨站脚本漏洞		555 \| 0
SSV-62005	2014-03-31		Joomla! Kunena组件"[map]" BBCode脚本注入漏洞		1240 \| 0
SSV-61992	2014-03-31		iThoughtsHD Map名跨站脚本漏洞		1270 \| 0
SSV-61998	2014-03-31		ManageEngine OpStor跨站脚本和特权提升漏洞		465 \| 0
SSV-61984	2014-03-28		Cisco Prime Security Manager跨站脚本漏洞		1270 \| 0
SSV-61962	2014-03-27		Cacti未明HTML注入漏洞		1627 \| 0
SSV-61952	2014-03-27		IBM Lotus Protector for Mail Security跨站脚本漏洞		712 \| 0
SSV-61935	2014-03-26		McAfee Cloud Single Sign On登录审核表单跨站脚本漏洞		1415 \| 0
SSV-61937	2014-03-26		ownCloud多个跨站脚本漏洞		2067 \| 0
SSV-61946	2014-03-26		Check_MK 多个HTML注入和跨站脚本漏洞(CVE-2014-2329)		1117 \| 0
SSV-61908	2014-03-25		Drupal Nivo Slider Module模块跨站脚本漏洞		1613 \| 0
SSV-61928	2014-03-25		OXID eShop 'sample-name.html'跨站脚本漏洞		1258 \| 0
SSV-61925	2014-03-25		php-font-lib 'name'参数跨站脚本漏洞		1583 \| 0
SSV-61903	2014-03-25		CMSimple '/whizzywig/wb.php'跨站脚本漏洞		955 \| 0
SSV-61915	2014-03-25		IBM InfoSphere BigInsights HTTP应答拆分漏洞		819 \| 0
SSV-61924	2014-03-25		Silex跨站脚本漏洞		567 \| 0
SSV-61906	2014-03-25		GuppY跨站脚本和跨站请求伪造漏洞		662 \| 0
SSV-61883	2014-03-21		DotNetNuke未明脚本注入漏洞		1392 \| 0
SSV-61895	2014-03-21		Ruby rack-ssl Gem错误页面跨站脚本漏洞		1463 \| 0
SSV-61863	2014-03-20		IBM Tivoli Netcool/OMNIbus多个安全漏洞		598 \| 0
SSV-61862	2014-03-20		Webmin 'view.cgi'跨站脚本漏洞		637 \| 0
SSV-61851	2014-03-19		Joomla! Multi Calendar组件跨站脚本漏洞		1565 \| 0
SSV-61857	2014-03-19		Joomla! Pbbooking组件'manage.php'跨站脚本漏洞		1334 \| 0
SSV-61852	2014-03-19		Joomla! FreiChat组件"id"跨站脚本漏洞		1005 \| 0
SSV-61856	2014-03-19		Joomla! eXtplorer组件多个跨站脚本漏洞		1408 \| 0
SSV-61848	2014-03-19		Open-Xchange Server Email Subject脚本注入漏洞		528 \| 0
SSV-61840	2014-03-18		Proxmox Mail Gateway跨站脚本和HTML注入漏洞		771 \| 0
SSV-61836	2014-03-18		IBM Operational Decision Manager跨站脚本和跨站请求伪造漏洞		755 \| 0
SSV-61841	2014-03-18		BarracudaDrive多个跨站脚本漏洞		640 \| 0
SSV-61820	2014-03-17		WatchGuard Fireware XTM 'poll_name'参数跨站脚本漏洞		724 \| 0
SSV-61816	2014-03-17		Interchange错误页显示跨站脚本漏洞		510 \| 0
SSV-61805	2014-03-14		Juniper Junos Pulse Secure Access Service跨站脚本漏洞		1554 \| 0
SSV-61787	2014-03-13		ClanSphere "where"跨站脚本漏洞		544 \| 0
SSV-61786	2014-03-13		WordPress WP SlimStat插件URL脚本注入漏洞		804 \| 0
SSV-61791	2014-03-13		Open Classifieds跨站脚本漏洞		779 \| 0
SSV-61720	2014-03-11		Serena Dimensions CM跨站脚本漏洞		928 \| 0
SSV-61708	2014-03-10		SonicWALL NSA 2400 Security Dashboard跨站脚本漏洞		1342 \| 0
SSV-61712	2014-03-10		IP.Board多个跨站脚本漏洞		1798 \| 0
SSV-61716	2014-03-10		Ilch CMS跨站脚本漏洞		735 \| 0
SSV-61714	2014-03-10		Hitachi JP1/Integrated Management跨站脚本漏洞		625 \| 0
SSV-61713	2014-03-10		storytlr "search"跨站脚本漏洞		838 \| 0
SSV-61704	2014-03-10		Aker Secure Mail Gateway "msg_id"跨站脚本漏洞		537 \| 0
SSV-61710	2014-03-10		PyroCMS "email"跨站脚本漏洞		721 \| 0
SSV-61707	2014-03-10		e107多个参数跨站脚本漏洞		1589 \| 0
SSV-61706	2014-03-10		e107 "comment"脚本注入漏洞		1401 \| 0
SSV-61696	2014-03-07		Joomla! 'jform'参数HTML注入漏洞		1292 \| 0
SSV-61665	2014-03-06		MediaWiki 'formatHTML'函数跨站脚本漏洞		1517 \| 0
SSV-61667	2014-03-06		MediaWiki 'includes/upload/UploadBase.php'跨站脚本漏洞		1624 \| 0
SSV-61676	2014-03-06		WordPress PrintFriendly插件'options.php'多个跨站脚本漏洞		742 \| 0
SSV-61677	2014-03-06		WordPress VideoWhisper Live Streaming Integration多个跨站脚本漏洞		755 \| 0
SSV-61674	2014-03-06		WordPress BSK PDF Manager插件跨站脚本漏洞		579 \| 0
SSV-61672	2014-03-06		synetics i-doit pro API跨站脚本漏洞		562 \| 0
SSV-61675	2014-03-06		WordPress Post to PDF 'options.php'跨站脚本漏洞		609 \| 0
SSV-61673	2014-03-06		WordPress Alpine PhotoTile for Instagram插件跨站脚本漏洞		736 \| 0
SSV-61663	2014-03-06		couponPHP CMS 1.0跨站脚本漏洞		705 \| 0
SSV-61654	2014-03-05		SpagoBI HTML注入漏洞		1578 \| 0
SSV-61652	2014-03-05		IBM Rational多个产品多个安全漏洞		700 \| 0
SSV-61651	2014-03-05		IBM Enterprise Records多个输入验证漏洞		518 \| 0
SSV-61645	2014-03-05		CMS Made Simple跨站脚本和HTML注入漏洞		1229 \| 0
SSV-61655	2014-03-05		SpagoBI 'Description'字段HTML注入漏洞		1274 \| 0
SSV-61628	2014-03-04		bloofoxCMS "fileurl"跨站脚本和跨站请求伪造漏洞		1037 \| 0
SSV-61632	2014-03-04		Askbot多个跨站脚本漏洞		669 \| 0
SSV-61634	2014-03-04		Ganesha Digital Library跨站脚本漏洞		643 \| 0
SSV-61627	2014-03-03		Drupal Project Issue File Review模块HTML注入漏洞		1436 \| 0
SSV-61620	2014-03-03		Cisco Unified Communications Domain Manager多个跨站脚本漏洞		1126 \| 0
SSV-61617	2014-03-03		IBM Content Navigator跨站脚本漏洞		840 \| 0
SSV-61615	2014-03-03		IBM Rational Quality Manager Jazz Team Server未明远程代码执行漏洞		501 \| 0
SSV-61600	2014-02-28		WordPress Easy Media Gallery多个跨站脚本漏洞		619 \| 0
SSV-61603	2014-02-28		POSH多个安全漏洞		491 \| 0
SSV-61598	2014-02-28		WordPress Thank You Counter Button多个跨站脚本漏洞		811 \| 0
SSV-61599	2014-02-28		WordPress Feedweb Plugin '_wp_http_referer'参数跨站脚本漏洞		909 \| 0
SSV-61597	2014-02-28		WordPress Zedity插件'zaction'参数跨站脚本漏洞		641 \| 0
SSV-61580	2014-02-27		TYPO3多个跨站脚本漏洞		1467 \| 0
SSV-61571	2014-02-26		Telligent Evolution 'loading.aspx'跨站脚本漏洞		915 \| 0
SSV-61567	2014-02-26		多个ASUS路由器跨站脚本和验证绕过漏洞		1393 \| 0
SSV-61555	2014-02-25		InterWorx Web Control Panel跨站脚本漏洞		690 \| 0
SSV-61551	2014-02-25		Blackboard Learn未明跨站脚本漏洞		599 \| 0
SSV-61536	2014-02-24		phpMyAdmin 'import.php'跨站脚本漏洞		1943 \| 0
SSV-61532	2014-02-24		WordPress DZS-VideoGallery ‘ajax.php’跨站脚本漏洞		1309 \| 0
SSV-61520	2014-02-21		Cisco Unified Communications Manager跨站请求伪造漏洞		1317 \| 0
SSV-61519	2014-02-21		Cisco Unified Communications Manager IPMA跨站脚本漏洞		1392 \| 0
SSV-61523	2014-02-21		Pina CMS 'search'表单跨站脚本漏洞		800 \| 0
SSV-61502	2014-02-20		MyBB 'search.php'跨站脚本漏洞		1391 \| 0
SSV-61504	2014-02-20		Dell KACE K1000 Systems Management Appliance 'LABEL_ID'参数跨站脚本漏洞		962 \| 0
SSV-61464	2014-02-18		Sitecore CMS‘xmlcontrol’参数跨站脚本漏洞		1263 \| 0
SSV-61403	2014-02-10		Drupal Event calendar模块跨站脚本漏洞		1258 \| 0
SSV-62579	2014-02-07		DedeCMS 5.7 /images/swfupload/swfupload.swf 跨站脚本漏洞		7009 \| 0
SSV-61374	2014-01-23		Motorola WiMAX CPEi25890 /cgi-bin/f1_fcgi_cgi.fcgi设备名字段跨站脚本漏洞		1024 \| 0
SSV-61372	2014-01-22		Joomla Zap Weather FPD & Zap Calendar跨站脚本漏洞		1625 \| 0
SSV-61365	2014-01-22		ManageEngine EventLog Analyzer "j_username"跨站脚本漏洞		1215 \| 0
SSV-61362	2014-01-21		Teracom Modem T2-B-Gawv1.4U10Y-BI跨站脚本漏洞		1364 \| 0
SSV-61361	2014-01-21		AfterLogic Pro and Lite 7.1.1.1存储型跨站脚本漏洞		1523 \| 0
SSV-61342	2014-01-17		WordPress DT Chocolate跨站脚本漏洞		1010 \| 0

1
2
3
4
5
6
7
8
9
10
11
...
15