CVE-2021-33328

Cross-site scripting XSS vulnerability in the Asset module's edit vocabulary page in Liferay Portal 7.0.0 through 7.3.4, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20, and 7.2 before fix pack 9, allows remote attackers to inject arbitrary web script or HTML via the 1...

LumisXP 16.1.x Cross Site Scripting

===== Tempest Security Intelligence - ADV-6/2024 ========================== LumisXP v15.0.x to v16.1.x Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil ===== Table of Contents================================================== Overview Detailed description Timeli...

CVE-2023-33328

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in PluginOps MailChimp Subscribe Form plugin = 4.0.9.1 versions...

CVE-2023-33328

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in PluginOps MailChimp Subscribe Form plugin = 4.0.9.1 versions...

CVE-2023-33328

CVE-2023-33328 : A Stored Cross-Site Scripting (XSS) vulnerability in the PluginOps MailChimp Subscribe Form plugin (versions

WordPress MailChimp Subscribe Forms Plugin <= 4.0.9.1 is vulnerable to Cross Site Scripting (XSS)

Software MailChimp Subscribe Forms Type Plugin Vulnerable versions = 4.0.9.1 Fixed in 4.0.9.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-33328 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 713b44e2af64 Credits Rio...

CVE-2022-33328

creationtimestamp| type| source ---|---|--- 2022-06-30 22:43:53+00:00| seen| https://t.me/cibsecurity/45446...

CVE-2022-33328

Robustel R1510 Web Server (3.3.0) suffers OS command injection in multiple AJAX endpoints. The TALOS summary details unsafe code paths using user-supplied parameters (e.g., /ajax/remove/, /ajax/config_rollback/, /ajax/remove_sniffer_raw_log/, /ajax/clear_tools_log/, /ajax/set_sys_time/), where fo...

CVE-2021-33328

Cross-site scripting XSS vulnerability in the Asset module's edit vocabulary page in Liferay Portal 7.0.0 through 7.3.4, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20, and 7.2 before fix pack 9, allows remote attackers to inject arbitrary web script or HTML via the 1...

CVE-2021-33328

Cross-site scripting XSS vulnerability in the Asset module's edit vocabulary page in Liferay Portal 7.0.0 through 7.3.4, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20, and 7.2 before fix pack 9, allows remote attackers to inject arbitrary web script or HTML via the 1...

CVE-2021-33328

Cross-site scripting XSS vulnerability in the Asset module's edit vocabulary page in Liferay Portal 7.0.0 through 7.3.4, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20, and 7.2 before fix pack 9, allows remote attackers to inject arbitrary web script or HTML via the 1...

CVE-2021-33328

CVE-2021-33328 is a cross-site scripting (XSS) vulnerability in the Liferay Portal/DXP Asset module, affect­ing the edit vocabulary page. The issue can be triggered via two parameters: “_com_liferay_journal_web_portlet_JournalPortlet_name” and “_com_liferay_document_library_web_portlet_DLAdminPor...

mallree.com XSS vulnerability

Vulnerable URL: https://www.mallree.com/search.html?sk===1=%22%3E%3Csvg%2Fonload%3Dalert%28%2FXSSPOSED%2F%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 33328 Google Pagerank...