Lucene search
K

7613 matches found

OSV
OSV
added 2021/08/30 6:15 p.m.3 views

CVE-2020-18126

Multiple stored cross-site scripting XSS vulnerabilities in the Sections module of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML...

5.4CVSS5.9AI score0.00503EPSS
Exploits1References1
Prion
Prion
added 2021/08/30 3:15 p.m.20 views

Cross site scripting

A stored cross-site scripting vulnerability has been discovered in : Simply Gallery Blocks with Lightbox Version – 2.2.0 & below. The vulnerability exists in the Lightbox functionality where a user with low privileges is allowed to execute arbitrary script code within the context of the...

3.5CVSS5.5AI score0.00618EPSS
Exploits1References2Affected Software1
Huntr
Huntr
added 2021/08/28 11:3 p.m.13 views

Cross-site Scripting (XSS) - Stored in namelessmc/nameless

✍️ Description Stored XSS in google analytics. 🕵️‍♂️ Proof of Concept 1. goto 'http://localhost/Nameless/index.php?route=/panel/core/seo/' logged in as admin. 2. enter "G-XXXXXXXX'; javascript:alert1; alert1; instead will cause any admin who visits the SEO page to have the java script activated on...

1.3AI score
Exploits0
CNVD
CNVD
added 2021/08/27 12:0 a.m.19 views

Six Apart Movable Type Cross-Site Scripting Vulnerability (CNVD-2022-22648)

Six Apart Movable Type is an application of Six Apart, Inc. A cross-site scripting vulnerability exists in Six Apart Movable Type, which stems from the lack of proper validation of client-side data in the WEB application. An attacker could use this vulnerability to inject arbitrary script or HTML...

6.1CVSS1.2AI score0.009EPSS
Exploits0References1
CNVD
CNVD
added 2021/08/27 12:0 a.m.17 views

Six Apart Movable Type Cross-Site Scripting Vulnerability (CNVD-2022-22649)

Six Apart Movable Type MT is a blogging system from Six Apart, a US-based company. A cross-site scripting vulnerability exists in Six Apart Movable Type, which stems from the lack of proper validation of client-side data in the WEB application and can be exploited to inject arbitrary script or HT...

6.1CVSS2AI score0.009EPSS
Exploits0References1
CNVD
CNVD
added 2021/08/27 12:0 a.m.16 views

Six Apart Movable Type Cross-Site Scripting Vulnerability (CNVD-2022-22647)

Six Apart Movable Type MT is a blogging system from Six Apart, a US-based company. A cross-site scripting vulnerability exists in Six Apart Movable Type, which stems from the lack of proper validation of client-side data in the WEB application and can be exploited to inject arbitrary script or HT...

6.1CVSS2AI score0.009EPSS
Exploits0References1
OSV
OSV
added 2021/08/26 2:15 a.m.5 views

CVE-2021-20810

Cross-site scripting vulnerability in Website Management screen of Movable Type Movable Type 7 r.4903 and earlier Movable Type 7 Series, Movable Type 6.8.0 and earlier Movable Type 6 Series, Movable Type Advanced 7 r.4903 and earlier Movable Type Advanced 7 Series, Movable Type Premium 1.44 and...

6.1CVSS6.5AI score0.00904EPSS
Exploits0References2
NVD
NVD
added 2021/08/26 2:15 a.m.11 views

CVE-2021-20814

Cross-site scripting vulnerability in Setting screen of ContentType Information Widget Plugin of Movable Type Movable Type 7 r.4903 and earlier Movable Type 7 Series, Movable Type Advanced 7 r.4903 and earlier Movable Type Advanced 7 Series, and Movable Type Premium 1.44 and earlier allows remote...

6.1CVSS0.00904EPSS
Exploits0References2
NVD
NVD
added 2021/08/26 2:15 a.m.13 views

CVE-2021-20813

Cross-site scripting vulnerability in Edit screen of Content Data of Movable Type Movable Type 7 r.4903 and earlier Movable Type 7 Series and Movable Type Advanced 7 r.4903 and earlier Movable Type Advanced 7 Series allows remote attackers to inject arbitrary script or HTML via unspecified vector...

6.1CVSS0.009EPSS
Exploits0References2
Prion
Prion
added 2021/08/26 2:15 a.m.15 views

Cross site scripting

Cross-site scripting vulnerability in Create screens of Entry, Page, and Content Type of Movable Type Movable Type 7 r.4903 and earlier Movable Type 7 Series, Movable Type 6.8.0 and earlier Movable Type 6 Series, Movable Type Advanced 7 r.4903 and earlier Movable Type Advanced 7 Series, Movable...

4.3CVSS6AI score0.009EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2021/08/26 2:15 a.m.25 views

CVE-2021-20813

Cross-site scripting vulnerability in Edit screen of Content Data of Movable Type Movable Type 7 r.4903 and earlier Movable Type 7 Series and Movable Type Advanced 7 r.4903 and earlier Movable Type Advanced 7 Series allows remote attackers to inject arbitrary script or HTML via unspecified vector...

6.1CVSS6.5AI score0.009EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2021/08/26 2:15 a.m.22 views

CVE-2021-20808

Cross-site scripting vulnerability in Search screen of Movable Type Movable Type 7 r.4903 and earlier Movable Type 7 Series, Movable Type 6.8.0 and earlier Movable Type 6 Series, Movable Type Advanced 7 r.4903 and earlier Movable Type Advanced 7 Series, Movable Type Premium 1.44 and earlier, and...

6.1CVSS6.4AI score0.009EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2021/08/26 2:15 a.m.22 views

CVE-2021-20810

Cross-site scripting vulnerability in Website Management screen of Movable Type Movable Type 7 r.4903 and earlier Movable Type 7 Series, Movable Type 6.8.0 and earlier Movable Type 6 Series, Movable Type Advanced 7 r.4903 and earlier Movable Type Advanced 7 Series, Movable Type Premium 1.44 and...

6.1CVSS6.5AI score0.00904EPSS
Exploits0References3
Prion
Prion
added 2021/08/26 2:15 a.m.13 views

Cross site scripting

Cross-site scripting vulnerability in List of Assets screen of Movable Type Movable Type 7 r.4903 and earlier Movable Type 7 Series, Movable Type 6.8.0 and earlier Movable Type 6 Series, Movable Type Advanced 7 r.4903 and earlier Movable Type Advanced 7 Series, Movable Type Premium 1.44 and...

4.3CVSS6AI score0.009EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/08/26 2:15 a.m.21 views

Cross site scripting

Cross-site scripting vulnerability in Search screen of Movable Type Movable Type 7 r.4903 and earlier Movable Type 7 Series, Movable Type 6.8.0 and earlier Movable Type 6 Series, Movable Type Advanced 7 r.4903 and earlier Movable Type Advanced 7 Series, Movable Type Premium 1.44 and earlier, and...

4.3CVSS6AI score0.009EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/08/26 2:15 a.m.20 views

Cross site scripting

Cross-site scripting vulnerability in Setting screen of Server Sync of Movable Type Movable Type Advanced 7 r.4903 and earlier Movable Type Advanced 7 Series and Movable Type Premium Advanced 1.44 and earlier allows remote attackers to inject arbitrary script or HTML via unspecified vectors...

4.3CVSS6AI score0.009EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2021/08/26 2:15 a.m.35 views

CVE-2021-20814

Cross-site scripting vulnerability in Setting screen of ContentType Information Widget Plugin of Movable Type Movable Type 7 r.4903 and earlier Movable Type 7 Series, Movable Type Advanced 7 r.4903 and earlier Movable Type Advanced 7 Series, and Movable Type Premium 1.44 and earlier allows remote...

6.1CVSS6.5AI score0.00904EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/08/26 1:20 a.m.16 views

CVE-2021-20810

Cross-site scripting vulnerability in Website Management screen of Movable Type Movable Type 7 r.4903 and earlier Movable Type 7 Series, Movable Type 6.8.0 and earlier Movable Type 6 Series, Movable Type Advanced 7 r.4903 and earlier Movable Type Advanced 7 Series, Movable Type Premium 1.44 and...

6.2AI score0.00904EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/08/26 1:20 a.m.20 views

CVE-2021-20809

Cross-site scripting vulnerability in Create screens of Entry, Page, and Content Type of Movable Type Movable Type 7 r.4903 and earlier Movable Type 7 Series, Movable Type 6.8.0 and earlier Movable Type 6 Series, Movable Type Advanced 7 r.4903 and earlier Movable Type Advanced 7 Series, Movable...

6.2AI score0.009EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/08/26 12:0 a.m.40 views

Atlassian JIRA < 8.5.14 / 8.6.x < 8.13.6 / 8.14.x < 8.16.1 XSS (JRASERVER-72392)

According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is affected by a cross-site scripting vulnerability in the number range searcher component due to improper validation of user-supplied input before returning it to users. An...

6.1CVSS6.4AI score0.03841EPSS
Exploits4References2
Rows per page
Query Builder