cPanel before 57.9999.54 allows self XSS during ftp account creation under addon domains (SEC-118).
View Full Alert
Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack. View Full Alert
Insufficient sanitization of the query parameter in templates/html/search_opensearch.php could lead to reflected cross-site scripting or iframe injection. View Full Alert
A Cross Site Scripting (XSS) vulnerability in versions of F5 WebSafe Dashboard 3.9.x and earlier, aka F5 WebSafe Alert Server, allows an unauthenticated user to inject HTML via a crafted…