485 matches found
EUVD-2025-5921
Malicious code in bioql PyPI...
EUVD-2024-34041
Malicious code in bioql PyPI...
EUVD-2022-40779
Malicious code in bioql PyPI...
EUVD-2025-4079
Malicious code in bioql PyPI...
EUVD-2024-35986
Malicious code in bioql PyPI...
EUVD-2022-40781
Malicious code in bioql PyPI...
EUVD-2023-30097
Malicious code in bioql PyPI...
EUVD-2024-23016
Malicious code in bioql PyPI...
EUVD-2022-40791
Malicious code in bioql PyPI...
EUVD-2023-34853
Malicious code in bioql PyPI...
CVE-2025-53838 LinkAce has a Stored One Click XSS vulnerability
LinkAce is a self-hosted archive to collect website links. A stored cross-site scripting XSS vulnerability was discovered in versions prior to 2.1.9 that allows an attacker to inject arbitrary JavaScript, which is then executed in the context of a user's browser when the malicious link is clicked...
CVE-2025-0656
IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
TencentOS Server 4: alertmanager (TSSA-2024:0822)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0822 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
CVE-2025-4417
A cross-site scripting vulnerability exists in AVEVA PI Connector for CygNet Versions 1.6.14 and prior that, if exploited, could allow an administrator miscreant with local access to the connector admin portal to persist arbitrary JavaScript code that will be executed by other users who visit...
CVE-2025-23392 Reflected XSS in SystemsController.java in spacewalk-java
A Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in spacewalk-java allows execution of arbitrary Javascript code on target systems.This issue affects Container suse/manager/5.0/x8664/server:5.0.4.7.19.1: from ? before 5.0.24-150600.3.25.1; Container...
Cross-Site Scripting (XSS)
clickstorm/cs-seo is vulnerable to cross-site scripting XSS. The vulnerability is due to improper handling of data in the JSON-LD output, allows an attacker to execute arbitrary JavaScript code in the context of the affected TYPO3 backend session...
CVE-2025-22388
An issue was discovered in Optimizely EPiServer.CMS.Core before 12.22.0. A high-severity Stored Cross-Site Scripting XSS vulnerability exists in the CMS, allowing malicious actors to inject and execute arbitrary JavaScript code, potentially compromising user data, escalating privileges, or...
CVE-2024-23729
The ColorOS Internet Browser com.heytap.browser application 45.10.3.4.1 for Android allows a remote attacker to execute arbitrary JavaScript code via the com.android.browser.RealBrowserActivity component...
CVE-2023-46948
A reflected Cross-Site Scripting XSS vulnerability was found on Temenos T24 Browser R19.40 that enables a remote attacker to execute arbitrary JavaScript code via the skin parameter in the about.jsp and genrequest.jsp components...
CVE-2023-34599
Multiple Cross-Site Scripting XSS vulnerabilities have been identified in Gibbon v25.0.0, which enable attackers to execute arbitrary Javascript code...