Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2049 matches found

RedhatCVE
RedhatCVEadded 2025/05/22 10:56 p.m.7 views

CVE-2022-32074

A stored cross-site scripting XSS vulnerability in the component audit/class.audit.php of osTicket-plugins - Storage-FS before commit a7842d494889fd5533d13deb3c6a7789768795ae allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file...

5.4CVSS5.5AI score0.01232EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 10:52 p.m.4 views

CVE-2022-31455

A cross-site scripting XSS vulnerability in Truedesk v1.2.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a user chat box...

6.1CVSS5.8AI score0.00357EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 10:45 p.m.10 views

CVE-2022-45223

Web-Based Student Clearance System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in /Admin/add-student.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtfullname parameter...

4.8CVSS6.1AI score0.00467EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 10:45 p.m.6 views

CVE-2022-45217

A cross-site scripting XSS vulnerability in Book Store Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Level parameter under the Add New System User module...

5.4CVSS5.8AI score0.00548EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 10:41 p.m.10 views

CVE-2022-44959

webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /meetings/listmeetings.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...

5.4CVSS6.1AI score0.00415EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 10:41 p.m.4 views

CVE-2022-44955

webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the Chat function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Messages field...

5.4CVSS6.1AI score0.00405EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 10:13 p.m.9 views

CVE-2022-20936

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...

4.8CVSS5.9AI score0.00446EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 9:47 p.m.6 views

CVE-2022-45015

A cross-site scripting XSS vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Results Footer field...

4.8CVSS5.7AI score0.00493EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 9:45 p.m.6 views

CVE-2022-43525

Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary...

6.1CVSS6.2AI score0.00462EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 8:35 p.m.3 views

CVE-2021-1245

Cisco Finesse and Cisco Unified CVP OpenSocial Gadget Editor Cross-Site Scripting Vulnerability A vulnerability in the web-based management interface of Cisco Finesse and Cisco Unified CVP could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user ...

6.5CVSS5.7AI score0.0137EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 7:42 p.m.6 views

CVE-2021-3159

A stored cross site scripting XSS vulnerability in the /sys/attachment/uploaderServlet component of Landray EKP V12.0.9.R.20160325 allows attackers to execute arbitrary web scripts or HTML via a crafted SVG, SHTML, or MHT file...

5.4CVSS5.6AI score0.0052EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 7:28 p.m.13 views

CVE-2021-26682

A remote reflected cross-site scripting XSS vulnerability was discovered in Aruba ClearPass Policy Manager versions: Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the guest portal interface of ClearPass could allow a remote attacker to conduct a reflected cross-site scripting XSS atta...

6.1CVSS6AI score0.00802EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 6:39 p.m.6 views

CVE-2021-36551

TikiWiki v21.4 was discovered to contain a cross-site scripting XSS vulnerability in the component tiki-calendar.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload under the Add Event module...

5.4CVSS6.1AI score0.00487EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 6:38 p.m.8 views

CVE-2021-35415

A stored cross-site scripting XSS vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the course "Title" and "Content" fields...

4.8CVSS5.5AI score0.00894EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 6:27 p.m.6 views

CVE-2021-26967

A remote reflected cross-site scripting xss vulnerability was discovered in Aruba AirWave Management Platform versions: Prior to 8.2.12.0. A vulnerability in the web-based management interface of AirWave could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against ...

6.1CVSS6.1AI score0.00802EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 6:17 p.m.3 views

CVE-2021-20829

Cross-site scripting vulnerability due to the inadequate tag sanitization in GROWI versions v4.2.19 and earlier allows remote attackers to execute an arbitrary script on the web browser of the user who accesses a specially crafted page...

6.1CVSS7AI score0.0073EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 6:14 p.m.9 views

CVE-2021-20727

Cross-site scripting vulnerability in Zettlr from 0.20.0 to 1.8.8 allows an attacker to execute an arbitrary script by loading a file or code snippet containing an invalid iframe into Zettlr...

6.1CVSS6.8AI score0.01036EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 5:48 p.m.6 views

CVE-2020-3420

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of...

5.4CVSS6AI score0.00405EPSS
Exploits0
RedhatCVE
RedhatCVEadded 2025/05/22 5:45 p.m.6 views

CVE-2020-23214

A stored cross site scripting XSS vulnerability in phplist 3.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Configure categories" field under the "Categorise Lists" module...

5.4CVSS5.5AI score0.00551EPSS
Exploits1
RedhatCVE
RedhatCVEadded 2025/05/22 4:43 p.m.8 views

CVE-2020-5613

Cross-site scripting vulnerability in KonaWiki 3.1.0 and earlier allows remote attackers to execute an arbitrary script via a specially crafted URL...

6.1CVSS6.9AI score0.01082EPSS
Exploits0References1
Rows per page
Query Builder