Adobe Experience Manager Cross-Site Scripting Vulnerability (CNVD-2024-37810)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

CVE-2024-44793

A cross-site scripting XSS vulnerability in the component /managers/multiplefreeleech.php of Gazelle commit 63b3370 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the torrents parameter...

CVE-2024-38859

CVE-2024-38859 is a cross-site scripting (XSS) vulnerability in Checkmk. It affects view pages with the SLA column when using Checkmk versions prior to 2.3.0p14, 2.2.0p33, 2.1.0p47, or 2.0.0 (EOL). The root cause is injection of HTML elements into the SLA column title, enabling execution of scrip...

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

YznCMS Cross-Site Scripting Vulnerability (CNVD-2024-38192)

YznCMS is a backend development framework. A cross-site scripting vulnerability exists in YznCMS version 1.4.2, which stems from the lack of effective filtering and escaping of user-supplied data in the component /index/index.html, and can be exploited by an attacker to execute arbitrary Web scri...

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

Adobe Commerce 跨站脚本漏洞

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A cross-site scripting vulnerability exists in Adobe Commerce. The vulnerability stems from the application's lack of effective filtering and escaping o...

Microsoft Dynamics 365 (on-premises) cross-site scripting vulnerability (CNVD-2024-40538)

Microsoft Dynamics 365 is a suite of ERP business solutions for multinational organizations from Microsoft USA. It is used for financial management, production management and business intelligence management. Microsoft Dynamics 365 on-premises suffers from a cross-site scripting vulnerability tha...

microweber 安全漏洞

Microweber is Microweber open source can provide drag and drop functionality of the online store management system . The system includes adding products , images and other modules. microweber 2.0.16 version of a cross-site scripting vulnerability , the vulnerability stems from...

CVE-2024-41819 Note Mark has a stored XSS in the note link href attribute

Note Mark is a web-based Markdown notes app. A stored cross-site scripting XSS vulnerability in Note Mark allows attackers to execute arbitrary web scripts via a crafted payload injected into the URL value of a link in the markdown content. This vulnerability is fixed in 0.13.1...

Arbitrary Script Execution

anki is vulnerable to Arbitrary Script Execution. The vulnerability is due to inadequate validation and handling of flashcard content in the MPV functionality, allowing an attacker to send a malicious flashcard that can trigger arbitrary code execution...

GitLab Enterprise Edition和GitLab Community Edition 安全漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition and GitLab Community Edition have a security vulnerability. ...

Ankitects Anki arbitrary script execution vulnerability

An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability...

GHSA-9GQ7-P5W9-W899 Ankitects Anki arbitrary script execution vulnerability

An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability...

CVE-2024-26020

An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability...

CVE-2024-26020

An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability...

CVE-2024-39457

Cybozu Garoon 6.0.0 to 6.0.1 contains a cross-site scripting vulnerability in PDF preview. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user’s web browser...

CVE-2024-39457

Cybozu Garoon 6.0.0 to 6.0.1 contains a cross-site scripting vulnerability in PDF preview. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user’s web browser...

Broadcom Symantec Privileged Access Management 安全漏洞

Broadcom Symantec Privileged Access Management Broadcom Symantec PAM is a security software from Broadcom, Inc. It helps prevent security breaches by protecting sensitive administrative credentials, controlling privileged user access, proactively enforcing security policies, and monitoring and...

PT-2025-31574 · Intelbras · Intelbras Rx3000 +1

Name of the Vulnerable Software and Affected Versions: Intelbras RX1500 version 2.2.9 Intelbras RX3000 version 1.0.11 Description: A cross-site scripting XSS issue exists in Intelbras RX1500 version 2.2.9 and RX3000 version 1.0.11. This allows attackers to execute arbitrary web scripts or HTML by...