131 docs tagged with "XSS_Vulnerability"

View All Tags

CVE-2020-19515

qdPM V9.1 is vulnerable to Cross Site Scripting (XSS) via qdPM\install\modules\database_config.php.

CVE-2020-20982

Cross Site Scripting (XSS) vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitr

CVE-2020-23517

Cross Site Scripting (XSS) vulnerability in Aryanic HighMail (High CMS) versions 2020 and before all

CVE-2020-23697

Cross Site Scripting vulnerabilty in Monstra CMS 3.0.4 via the page feature in admin/index.php.

CVE-2020-8191

Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 1

CVE-2021-20323

A POST based reflected Cross Site Scripting vulnerability on has been identified in Keycloak.

CVE-2021-21087

Adobe Coldfusion versions 2016 (update 16 and earlier), 2018 (update 10 and earlier) and 2021.0.0.32

CVE-2021-24407

The Jannah WordPress theme before 5.4.5 did not properly sanitize the 'query' POST parameter in its

CVE-2021-26812

Cross Site Scripting (XSS) in the Jitsi Meet 2.7 through 2.8.3 plugin for Moodle via the 'sessionpri

CVE-2021-30049

SysAid 20.3.64 b14 is affected by Cross Site Scripting (XSS) via a /KeepAlive.jsp?stamp= URI.

CVE-2021-35323

Cross Site Scripting (XSS) vulnerability exists in bludit 3-13-1 via the username in admin/login.

CVE-2021-42551

Cross-site Scripting (XSS) vulnerability in the search functionality of AlCoda NetBiblio WebOPAC all

CVE-2021-43725

There is a Cross Site Scripting (XSS) vulnerability in SpotPage_login.php of Spotweb 1.5.1 and below

CVE-2021-46005

Sourcecodester Car Rental Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via vehi

CVE-2021-46068

A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 vi

CVE-2021-46069

A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 vi

CVE-2021-46071

A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 vi

CVE-2021-46072

A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 vi

CVE-2021-46073

A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Managemen

CVE-2021-46387

ZyXEL ZyWALL 2 Plus Internet Security Appliance is affected by Cross Site Scripting (XSS). Insecure

CVE-2022-0087

keystone is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site S

CVE-2022-0378

Cross-site Scripting (XSS) - Reflected in Packagist microweber/microweber prior to 1.2.11.

CVE-2022-0437

Cross-site Scripting (XSS) - DOM in NPM karma prior to 6.3.14.

CVE-2022-0678

Cross-site Scripting (XSS) - Reflected in Packagist microweber/microweber prior to 1.2.11.

CVE-2022-0776

Cross-site Scripting (XSS) - DOM in GitHub repository hakimel/reveal.js prior to 4.3.0.

CVE-2022-0928

Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.12.

CVE-2022-0954

Multiple Stored Cross-site Scripting (XSS) Vulnerabilities in Shop's Other Settings, Shop's Autoresp

CVE-2022-2174

Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.18.

CVE-2022-22242

A Cross-site Scripting (XSS) vulnerability in the J-Web component of Juniper Networks Junos OS allow

CVE-2022-2290

Cross-site Scripting (XSS) - Reflected in GitHub repository zadam/trilium prior to 0.52.4, 0.53.1-be

CVE-2022-24384

Cross-site Scripting (XSS) vulnerability in SmarterTools SmarterTrack This issue affects: SmarterToo

CVE-2022-2733

Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.1.

CVE-2022-30073

WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via /admin/users/save.php.

CVE-2022-3506

Cross-site Scripting (XSS) - Stored in GitHub repository barrykooij/related-posts-for-wp prior to 2.

CVE-2022-40879

kkFileView v4.1.0 is vulnerable to Cross Site Scripting (XSS) via the parameter 'errorMsg.'

CVE-2022-45365

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2022-46073

Helmet Store Showroom 1.0 is vulnerable to Cross Site Scripting (XSS).

CVE-2023-1496

Cross-site Scripting (XSS) - Reflected in GitHub repository imgproxy/imgproxy prior to 3.14.0.

CVE-2023-1880

Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.12.

CVE-2023-1892

Cross-site Scripting (XSS) - Reflected in GitHub repository sidekiq/sidekiq prior to 7.0.8.

CVE-2023-2516

Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7.

CVE-2023-25292

Reflected Cross Site Scripting (XSS) in Intermesh BV Group-Office version 6.6.145, allows attackers

CVE-2023-2591

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitHub repos

CVE-2023-26692

ZCBS Zijper Collectie Beheer Systeem (ZCBS), Zijper Publication Management System (ZPBS), and Zijper

CVE-2023-2948

Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.1.

CVE-2023-2949

Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.1.

CVE-2023-29808

Cross Site Scripting (XSS) vulnerability in vogtmh cmaps (companymaps) 8.0 allows attackers to execu

CVE-2023-29839

A Stored Cross Site Scripting (XSS) vulnerability exists in multiple pages of Hotel Druid version 3.

CVE-2023-29983

Cross Site Scripting vulnerability found in Maximilian Vogt cmaps v.8.0 allows a remote attacker to

CVE-2023-3009

Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.

CVE-2023-30210

OURPHP <= 7.2.0 is vulnerable to Cross Site Scripting (XSS) via ourphp_tz.php.

CVE-2023-30212

OURPHP <= 7.2.0 is vulnerale to Cross Site Scripting (XSS) via /client/manage/ourphp_out.php.

CVE-2023-30256

Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtai

CVE-2023-30347

Cross Site Scripting (XSS) vulnerability in Neox Contact Center 2.3.9, via the serach_sms_api_name p

CVE-2023-31546

Cross Site Scripting (XSS) vulnerability in DedeBIZ v6.0.3 allows attackers to run arbitrary code vi

CVE-2023-31703

Cross Site Scripting (XSS) in the edit user form in Microworld Technologies eScan management console

CVE-2023-31779

Wekan v6.84 and earlier is vulnerable to Cross Site Scripting (XSS). An attacker with user privilege

CVE-2023-31852

Cudy LT400 1.13.4 is vulnerable to Cross Site Scripting (XSS) in cgi-bin/luci/admin/network/wireless

CVE-2023-31853

Cudy LT400 1.13.4 is vulnerable Cross Site Scripting (XSS) in /cgi-bin/luci/admin/network/bandwidth

CVE-2023-33408

Minical 1.0.0 is vulnerable to Cross Site Scripting (XSS). The vulnerability exists due to insuffici

CVE-2023-33580

Phpgurukul Student Study Center Management System V1.0 is vulnerable to Cross Site Scripting (XSS) i

CVE-2023-33731

Reflected Cross Site Scripting (XSS) in the view dashboard detail feature in Microworld Technologies

CVE-2023-33732

Cross Site Scripting (XSS) in the New Policy form in Microworld Technologies eScan management consol

CVE-2023-34192

Cross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a remote authenticated attacker to

CVE-2023-3479

Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.7.8.

CVE-2023-34835

A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400

CVE-2023-34836

A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400

CVE-2023-34837

A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400

CVE-2023-34838

A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400

CVE-2023-36158

Cross Site Scripting (XSS) vulnerability in sourcecodester Toll Tax Management System 1.0 allows rem

CVE-2023-36159

Cross Site Scripting (XSS) vulnerability in sourcecodester Lost and Found Information System 1.0 all

CVE-2023-36163

Cross Site Scripting vulnerability in IP-DOT BuildaGate v.BuildaGate5 allows a remote attacker to ex

CVE-2023-36306

A Cross Site Scripting (XSS) vulnerability in Adiscon Aiscon LogAnalyzer through 4.1.13 allows a rem

CVE-2023-39062

Cross Site Scripting vulnerability in Spipu HTML2PDF before v.5.2.8 allows a remote attacker to exec

CVE-2023-39598

Cross Site Scripting vulnerability in IceWarp Corporation WebClient v.10.2.1 allows a remote attacke

CVE-2023-40000

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2023-40355

Cross Site Scripting (XSS) vulnerability in Axigen versions 10.3.3.0 before 10.3.3.59, 10.4.0 before

CVE-2023-40869

Cross Site Scripting vulnerability in mooSocial mooSocial Software 3.1.6 and 3.1.7 allows a remote a

CVE-2023-41425

Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to ex

CVE-2023-41436

Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary co

CVE-2023-4145

Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/customer-data-framework prior to 3.

CVE-2023-41538

phpjabbers PHP Forum Script 3.0 is vulnerable to Cross Site Scripting (XSS) via the keyword paramete