CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

RedhatCVE•added 2025/05/22 4:36 p.m.•7 views

CVE-2020-28847

Cross Site Scripting XSS vulnerability in xCss Valine v1.4.14 via the nick parameter to /classes/Comment...

5.4CVSS5.8AI score0.00441EPSS

Exploits0

vulnersOsv•added 2022/04/06 12:1 a.m.•8 views

@gitldy1013/vuepress-theme-ldy (>=1.1.2 <=1.1.3), @next-theme/plugins (>=0.0.2 <=8.1.0) +17 more potentially affected by CVE-2020-28847 via valine (>=1.3.10 <=1.4.14)

valine NPM version =1.3.10, =1.1.2, =0.0.2, =2.0.0-beta.0, =1.0.11, =0.0.1, =1.0.0, =1.0.0, =1.0.8-alpha.5, =1.1.2, =1.2.1, =1.0.1, =1.0.0, =3.0.0-beta.2, =3.0.0-beta.3 and more Source cves: CVE-2020-28847 Source advisory: OSV:GHSA-6XVQ-2GJ8-4276...

5.4CVSS6AI score0.00441EPSS

Exploits0

Circl•added 2022/04/05 8:28 p.m.•2 views

CVE-2020-28847

creationtimestamp| type| source ---|---|--- 2022-04-05 20:28:55+00:00| seen| https://t.me/cibsecurity/40173...

5.4CVSS5.5AI score0.00441EPSS

Exploits0References1

Cvelist•added 2022/04/05 3:37 p.m.•10 views

CVE-2020-28847

Cross Site Scripting XSS vulnerability in xCss Valine v1.4.14 via the nick parameter to /classes/Comment...

5.2AI score0.00441EPSS

Exploits0References1

CVE•added 2022/04/05 3:37 p.m.•51 views

CVE-2020-28847

CVE-2020-28847 affects Valine (xCss Valine) 1.4.14 due to insufficient sanitization of the nick parameter in /classes/Comment, enabling cross-site scripting. The issue is documented across multiple feeds; a fix was released in version 1.4.15. Impact is XSS with user-provided nick data stored/echo...

5.4CVSS5.2AI score0.00441EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by