Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6892 matches found

Cvelist
Cvelistadded 2020/11/18 9:8 p.m.13 views

CVE-2020-14208

SuiteCRM 7.11.13 is affected by stored Cross-Site Scripting XSS in the Documents preview functionality. This vulnerability could allow remote authenticated attackers to inject arbitrary web script or HTML...

5AI score0.0015EPSS
Exploits0References1
NVD
NVDadded 2020/11/12 9:15 p.m.21 views

CVE-2020-27193

A cross-site scripting XSS vulnerability in the Color Dialog plugin for CKEditor 4.15.0 allows remote attackers to run arbitrary web script after persuading a user to copy and paste crafted HTML code into one of editor inputs...

6.1CVSS7.1AI score0.01007EPSS
Exploits0References6
CVE
CVEadded 2020/11/12 8:31 p.m.158 views

CVE-2020-27193

CVE-2020-27193 is an XSS in CKEditor 4.15.0 Color Dialog. A remote attacker can lure a user to paste crafted HTML into the editor, causing script execution in the user’s browser. The vulnerability is addressed by CKEditor 4.15.1 security patch; IBM/OSS bulletins also reference the fix. Affected p...

6.1CVSS5.9AI score0.01007EPSS
Exploits0References6Affected Software1
Prion
Prionadded 2020/11/12 10:15 a.m.21 views

Cross site scripting

Cross site scripting vulnerability in the firewall ePO extension of McAfee Endpoint Security ENS prior to 10.7.0 November 2020 Update allows administrators to inject arbitrary web script or HTML via the configuration wizard...

3.5CVSS4.9AI score0.00412EPSS
Exploits0References1Affected Software1
Check Point Advisories
Check Point Advisoriesadded 2020/11/11 12:0 a.m.2 views

Red Lion N-Tron Cross Site Scripting (CVE-2020-16206)

A cross-site scripting vulnerability exists in Red Lion N-Tron. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

3.5CVSS4.9AI score0.01521EPSS
Exploits2
Cvelist
Cvelistadded 2020/11/05 2:57 p.m.13 views

CVE-2020-28047

AudimexEE before 14.1.1 is vulnerable to Reflected XSS Cross-Site-Scripting. If the recommended security configuration parameter "uniqueerrornumbers" is not set, remote attackers can inject arbitrary web script or HTML via 'action, cargo, panel' parameters that can lead to data leakage...

5.4AI score0.00219EPSS
Exploits2References1
Exploit DB
Exploit DBadded 2020/10/29 12:0 a.m.1161 views

Mailman 1.x > 2.1.23 - Cross Site Scripting (XSS)

Title: Mailman 1.x 2.1.23 - Cross Site Scripting XSS Type: Reflected XSS Software: Mailman Version: =1.x = 2.1.23 Vendor Homepage: https://www.list.org Original link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5950 POC Author: Valerio Alessandroni Date: 28/10/2020 Description:...

6.1CVSS6.7AI score0.01715EPSS
Exploits3
UbuntuCve
UbuntuCveadded 2020/10/28 7:15 p.m.16 views

CVE-2020-27741

Multiple cross-site scripting XSS vulnerabilities in Citadel WebCit through 926 allow remote attackers to inject arbitrary web script or HTML via multiple pages and parameters. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabilities in WebCit 926" thread...

6.1CVSS6.4AI score0.00336EPSS
Exploits1References3
Debian CVE
Debian CVEadded 2020/10/28 6:44 p.m.10 views

CVE-2020-27741

Removed by vendor...

6.1CVSS6.3AI score0.00336EPSS
Exploits1
Cvelist
Cvelistadded 2020/10/28 6:44 p.m.9 views

CVE-2020-27741

Multiple cross-site scripting XSS vulnerabilities in Citadel WebCit through 926 allow remote attackers to inject arbitrary web script or HTML via multiple pages and parameters. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabilities in WebCit 926" thread...

6.2AI score0.00336EPSS
Exploits1References2
Check Point Advisories
Check Point Advisoriesadded 2020/10/25 12:0 a.m.3 views

Oracle E-Business Suite Advanced Outbound Telephony Cross-Site Scripting (CVE-2020-2856)

A cross-site scripting vulnerability exists in Oracle E-Business Suite Advanced Outbound Telephony. Successful exploitation of this vulnerability could allow remote attackers to inject arbitrary web script into the affected system...

5.8CVSS4.6AI score0.01495EPSS
Exploits0
OSV
OSVadded 2020/10/07 2:15 p.m.16 views

CVE-2020-25343

Cross-site scripting XSS vulnerabilities in Symphony CMS 3.0.0 allow remote attackers to inject arbitrary web script or HTML to fields'body' param via events\event.publisharticle.php...

5.4CVSS6.2AI score
Exploits0References1
Check Point Advisories
Check Point Advisoriesadded 2020/09/10 12:0 a.m.0 views

WordPress Colorbox Plugin Persistent Cross-Site Scripting

A cross-site scripting vulnerability exists in WordPress Colorbox Lightbox plugin. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

4.2AI score
Exploits0
Prion
Prionadded 2020/09/09 2:15 p.m.16 views

Cross site scripting

A Cross-site scripting XSS vulnerability in 'user-profile.php' in SourceCodester Daily Tracker System v1.0 allows remote attackers to inject arbitrary web script or HTML via the 'fullname' parameter...

4.3CVSS6AI score0.00285EPSS
Exploits1References2Affected Software1
Check Point Advisories
Check Point Advisoriesadded 2020/09/05 12:0 a.m.1 views

WordPress NextGen Gallery Sell Photo Plugin Cross Site Scripting

A cross-site scripting vulnerability exists in WordPress NextGen Gallery Sell Photo Plugin. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

4.9AI score
Exploits0
NVD
NVDadded 2020/09/03 5:15 p.m.8 views

CVE-2020-23814

Multiple cross-site scripting XSS vulnerabilities in xxl-job v2.2.0 allow remote attackers to inject arbitrary web script or HTML via 1 AppName and 2AddressList parameter in JobGroupController.java file...

6.1CVSS6.1AI score0.00723EPSS
Exploits1References2
OSV
OSVadded 2020/09/03 5:15 p.m.16 views

CVE-2020-23814

Multiple cross-site scripting XSS vulnerabilities in xxl-job v2.2.0 allow remote attackers to inject arbitrary web script or HTML via 1 AppName and 2AddressList parameter in JobGroupController.java file...

6.1CVSS5.9AI score
Exploits0References2
Prion
Prionadded 2020/09/03 5:15 p.m.15 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in xxl-job v2.2.0 allow remote attackers to inject arbitrary web script or HTML via 1 AppName and 2AddressList parameter in JobGroupController.java file...

4.3CVSS6AI score0.00723EPSS
Exploits1References2Affected Software1
NVD
NVDadded 2020/09/02 3:15 p.m.9 views

CVE-2020-24604

A Reflected XSS vulnerability was discovered in Ignite Realtime Openfire version 4.5.1. The XSS vulnerability allows remote attackers to inject arbitrary web script or HTML via the GET request "searchName", "searchValue", "searchDescription", "searchDefaultValue","searchPlugin", "searchDescriptio...

6.1CVSS6AI score0.00979EPSS
Exploits1References2
Check Point Advisories
Check Point Advisoriesadded 2020/09/01 12:0 a.m.5 views

WordPress SeedProd Plugin Persistent Cross-Site Scripting (CVE-2020-15038)

A persistent cross site scripting vulnerability exists in WordPress SeedProd Plugin. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

3.5CVSS4.5AI score0.00594EPSS
Exploits5
Rows per page
Query Builder