Page 3 of 21 results (0.002 seconds)
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1000516
https://notcve.org/view.php?id=CVE-2018-1000516
26 Jun 2018 — The Galaxy Project Galaxy version v14.10 contains a CWE-79: Improper Neutralization of Input During Web Page Generation vulnerability in Many templates used in the Galaxy server did not properly sanitize user's input, which would allow for cross-site scripting (XSS) attacks. In this form of attack, a malicious person can create a URL which, when opened by a Galaxy user or administrator, would allow the malicious user to execute arbitrary Javascript. that can result in Arbitrary JavaScript code execution. Th... • https://galaxyproject.org/archive/dev-news-briefs/2015-01-13/#security • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •