Cross site scripting

Cross Site Scripting XSS vulnerability in Qbian61 forum-java, allows attackers to inject arbitrary web script or HTML via editing the article content in the "article editor" page...

editor.md 跨站脚本漏洞

Editor.md is an open source embedded online Markdown a markup language editor. A security vulnerability exists in pandao editor.md version 1.5.0 and earlier, which stems from a cross-site scripting XSS vulnerability that allows attackers to inject arbitrary Web script or HTML...

CVE-2023-29636

Cross site scripting XSS vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via the "title" field in the "blog management" page due to the the default configuration not using MyBlogUtils.cleanString...

my-site 跨站脚本漏洞

my-site is WinterChenS personal developer's springboot2.0 based development of personal Web site , integrated : personal home page , personal blog , personal works . WinterChenS my-site has a security vulnerability that stems from the presence of a cross-site scripting XSS vulnerability that allo...

CVE-2023-30405

A cross-site scripting XSS vulnerability in Aigital Wireless-N Repeater MiniRouter v0.131229 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the wlssid parameter at /boafrm/formHomeWlanSetup...

CVE-2023-24836

SUNNET CTMS has vulnerability of path traversal within its file uploading function. An authenticated remote attacker with general user privilege can exploit this vulnerability to upload and execute scripts onto arbitrary directories to perform arbitrary system operation or disrupt service...

PT-2023-22642 · Emlog Pro · Emlog Pro

Name of the Vulnerable Software and Affected Versions: Emlog Pro version 2.0.3 Description: The issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Article Title or Article Summary parameters. This enables the execution of malicious scripts,...

CVE-2022-27979

A cross-site scripting XSS vulnerability in ToolJet v1.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comment Body component...

ToolJet 跨站脚本漏洞

ToolJet is an extensible low-code framework for building business applications from ToolJet. A security vulnerability exists in ToolJet version v1.6.0. An attacker can exploit this vulnerability to execute arbitrary web script or HTML by injecting a specially crafted payload...

CVE-2023-30417

A cross-site scripting XSS vulnerability in Pear-Admin-Boot up to v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title of a private message...

ChurchCRM 跨站脚本漏洞

ChurchCRM is an open source CRM system for churches. A security vulnerability exists in ChurchCRM version 4.5.3. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via NoteEditor.php...

CVE-2023-30417

Pear-Admin-Boot (v2.0.2 and earlier) is affected by an XSS vulnerability that allows an attacker to inject arbitrary web scripts or HTML via the Title field of a private message. Affected component: Pear-Admin-Boot; root cause: improper sanitization/injection in the Title of private messages; imp...

Pear Admin Boot 跨站脚本漏洞

Pear Admin Boot is an out-of-the-box Spring rapid development platform for the Pear Admin community in China. A security vulnerability exists in Pear Admin Boot v2.0.2. An attacker can exploit this vulnerability to execute arbitrary web script or HTML by injecting a specially crafted payload...

Odoo 跨站脚本漏洞

Odoo is an Enterprise Resource Planning ERP and Customer Relationship Management CRM system from Odoo Belgium. The system is developed in Python language, with PostgreSQL as the database, and includes modules for sales management, inventory management, and financial management. A security...

CVE-2023-2139

A reflected Cross-site Scripting XSS Vulnerability in DELMIA Apriso Release 2017 through Release 2022 allows an attacker to execute arbitrary script code...

CVE-2023-2139

A reflected Cross-site Scripting XSS Vulnerability in DELMIA Apriso Release 2017 through Release 2022 allows an attacker to execute arbitrary script code...

Checkmk 跨站脚本漏洞

Checkmk is an editor. A cross-site scripting vulnerability exists in Checkmk Appliance versions prior to 1.6.4, which stems from the application's lack of effective filtering and escaping of user-supplied data, and can be exploited by an attacker to execute arbitrary web script or HTML by injecti...

CVE-2023-27777

Cross-site scripting XSS vulnerability was discovered in Online Jewelry Shop v1.0 that allows attackers to execute arbitrary script via a crafted URL...

CVE-2023-27777

Cross-site scripting XSS vulnerability was discovered in Online Jewelry Shop v1.0 that allows attackers to execute arbitrary script via a crafted URL...

Cross site scripting

Cross-site scripting XSS vulnerability was discovered in Online Jewelry Shop v1.0 that allows attackers to execute arbitrary script via a crafted URL...