Lucene search
K

7613 matches found

Cvelist
Cvelist
added 2022/04/21 6:50 p.m.20 views

CVE-2022-20778 Cisco Webex Meetings Cross-Site Scripting Vulnerability

A vulnerability in the authentication component of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface. This vulnerability is due to insufficient validation of user-supplied input by the...

6.1CVSS6.2AI score0.00761EPSS
Exploits0References1
Prion
Prion
added 2022/04/06 7:15 p.m.16 views

Cross site scripting

A vulnerability in the web-based management interface of the Network Diagrams application for Cisco Secure Network Analytics, formerly Stealthwatch Enterprise, could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This...

3.5CVSS5.3AI score0.00557EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/04/06 6:13 p.m.26 views

CVE-2022-20741 Cisco Secure Network Analytics Network Diagrams Application Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of the Network Diagrams application for Cisco Secure Network Analytics, formerly Stealthwatch Enterprise, could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This...

5.4CVSS5.5AI score0.00557EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/04/06 6:12 p.m.22 views

CVE-2022-20781 Cisco Web Security Appliance Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Web Security Appliance WSA could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. The vulnerability exists...

5.4CVSS5.5AI score0.00557EPSS
Exploits0References1
Prion
Prion
added 2022/04/04 9:15 p.m.20 views

Cross site scripting

A stored cross-site scripting XSS vulnerability in TPCMS v3.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Phone text box...

3.5CVSS4.9AI score0.00435EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2022/04/04 2:15 p.m.5 views

CVE-2022-27436

A cross-site scripting XSS vulnerability in /public/admin/index.php?adduser at Ecommerce-Website v1.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username text field...

4.8CVSS5.9AI score0.00976EPSS
Exploits1References3
Prion
Prion
added 2022/04/04 2:15 p.m.21 views

Cross site scripting

A cross-site scripting XSS vulnerability in /public/admin/index.php?adduser at Ecommerce-Website v1.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username text field...

3.5CVSS4.9AI score0.00976EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2022/04/01 12:0 a.m.3 views

Total.js 跨站脚本漏洞

Total Avengers Totaljs Framework is a Javascript-based code base for building web, desktop, service or IoT applications from Total Avengers, Slovakia. The application is similar to PHPs Laravel, Pythons Django, ASP.NET MVC for building Node applications.A cross-site scripting vulnerability exists...

4.8CVSS5.7AI score0.00532EPSS
Exploits1References3
NVD
NVD
added 2022/03/31 8:15 a.m.17 views

CVE-2022-27496

Cross-site scripting vulnerability in Zero-channel BBS Plus v0.7.4 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS0.00719EPSS
Exploits0References2
OSV
OSV
added 2022/03/31 8:15 a.m.4 views

CVE-2022-27496

Cross-site scripting vulnerability in Zero-channel BBS Plus v0.7.4 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS6.5AI score0.00719EPSS
Exploits0References2
Prion
Prion
added 2022/03/31 8:15 a.m.28 views

Cross site scripting

Cross-site scripting vulnerability in Zero-channel BBS Plus v0.7.4 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...

4.3CVSS5.9AI score0.00719EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/03/31 7:20 a.m.13 views

CVE-2021-20729

Cross-site scripting vulnerability in pfSense CE and pfSense Plus pfSense CE software versions 2.5.2 and earlier, and pfSense Plus software versions 21.05 and earlier allows a remote attacker to inject an arbitrary script via a malicious URL...

6.7AI score0.02767EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/03/25 12:0 a.m.3 views

DouPHP 跨站脚本漏洞

A cross-site scripting vulnerability exists in DouPHP, a lightweight enterprise content management system CMS from China DouShell Network Technology. The vulnerability stems from a lack of data validation filtering of user-supplied data and output in the upload function of dmin/show.php. An...

4.8CVSS5.5AI score0.00416EPSS
Exploits0References3
CISA KEV Catalog
CISA KEV Catalog
added 2022/03/25 12:0 a.m.12 views

D-Link DSL-2760U Gateway Cross-Site Scripting Vulnerability

A cross-site scripting XSS vulnerability exists in the D-Link DSL-2760U gateway, allowing remote authenticated users to inject arbitrary web script or HTML...

5.4CVSS3AI score0.33567EPSS
In wildExploits3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/03/15 12:0 a.m.50 views

JVN#87751554: Multiple vulnerabilities in pfSense

pfSense software provided by Netgate contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2021-20729 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2| AV:N/AC:M/Au:N/C:N/I:P/A:N| Base Score: 4.3 Improper...

8.8CVSS8.3AI score0.04229EPSS
Exploits0
OSV
OSV
added 2022/03/10 5:45 p.m.29 views

CVE-2022-21158

A stored cross-site scripting vulnerability in marktext versions prior to v0.17.0 due to improper handling of the link with javascript: scheme inside the document may allow an attacker to execute an arbitrary script on the PC of the user using marktext...

5.4CVSS6.2AI score
Exploits0References2
Prion
Prion
added 2022/03/10 5:45 p.m.11 views

Cross site scripting

A stored cross-site scripting vulnerability in marktext versions prior to v0.17.0 due to improper handling of the link with javascript: scheme inside the document may allow an attacker to execute an arbitrary script on the PC of the user using marktext...

3.5CVSS5.3AI score0.00514EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/03/07 9:0 a.m.22 views

CVE-2022-21158

A stored cross-site scripting vulnerability in marktext versions prior to v0.17.0 due to improper handling of the link with javascript: scheme inside the document may allow an attacker to execute an arbitrary script on the PC of the user using marktext...

5.5AI score0.00514EPSS
Exploits0References2
Prion
Prion
added 2022/03/02 9:15 p.m.16 views

Cross site scripting

VMware Workspace ONE Boxer contains a stored cross-site scripting XSS vulnerability. Due to insufficient sanitization and validation, in VMware Workspace ONE Boxer calendar event descriptions, a malicious actor can inject script tags to execute arbitrary script within a user's window...

3.5CVSS5.3AI score0.00443EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2022/03/01 2:15 a.m.14 views

CVE-2022-25020

A cross-site scripting XSS vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post...

5.4CVSS0.01192EPSS
Exploits1References4
Rows per page
Query Builder