Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Hitsteps Web Analytics plugin <= 5.86...
4.8CVSS
5.8AI Score
0.0004EPSS
Cross-Site Request Forgery (CSRF) vulnerability in Hitsteps Hitsteps Web Analytics plugin <= 5.86...
8.8CVSS
6.4AI Score
0.001EPSS
Keysight N8844A Data Analytics Web Service deserializes untrusted data without sufficiently verifying the resulting data will be...
9.8CVSS
9.4AI Score
0.001EPSS
Vulnerability in the Oracle Web Analytics product of Oracle E-Business Suite (component: Admin). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Web Analytics. Successful...
8.1CVSS
8.1AI Score
0.001EPSS
Wikimedia Quarry analytics-quarry-web before 2020-12-15 allows Reflected XSS because app.py does not explicitly set the application/json content...
6.1CVSS
5.9AI Score
0.001EPSS
Multiple TIBCO Products are prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...
5.4CVSS
7.2AI Score
0.001EPSS
Vulnerability in the Oracle Web Analytics component of Oracle E-Business Suite (subcomponent: Common Libraries). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access.....
8.2CVSS
7.8AI Score
0.001EPSS