7612 matches found
CVE-2023-20133
A vulnerability in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability exists because of insufficient validation of user-supplied input in Webex Events class...
CVE-2023-20205
Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface on an affected device...
CVE-2022-25020
A cross-site scripting XSS vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post...
CVE-2022-43527
Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary...
CVE-2022-28081
A reflected cross-site scripting XSS vulnerability in the component Query.php of arPHP v3.6.0 allows attackers to execute arbitrary web scripts...
CVE-2022-20836
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...
CVE-2022-20935
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...
CVE-2022-20839
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...
CVE-2022-20872
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...
CVE-2022-20932
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...
CVE-2022-22142
Reflected cross-site scripting vulnerability in the checkbox of phpmailform versions prior to Version 1.40 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors...
CVE-2022-22868
Gibbon CMS v22.0.01 was discovered to contain a cross-site scripting XSS vulnerability, that allows attackers to inject arbitrary script via name parameters...
CVE-2022-40028
SourceCodester Simple Task Managing System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the component newProjectValidation.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fullName parameter...
CVE-2022-48111
A cross-site scripting XSS vulnerability in the checklogin function of SIPE s.r.l WI400 between version 8 and 11 included allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the f parameter...
CVE-2022-48013
Opencats v0.9.7 was discovered to contain a stored cross-site scripting XSS vulnerability in the component /opencats/index.php?m=calendar. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description or Title text fields...
CVE-2022-47877
A Stored cross-site scripting vulnerability in Jedox 2020.2.5 allows remote, authenticated users to inject arbitrary web script or HTML in the Logs page via the log module 'log'...
CVE-2022-45990
A cross-site scripting XSS vulnerability in the component /signupscript.php of Ecommerce-Website v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the eMail parameter...
CVE-2022-45730
A cross-site scripting XSS vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search function...
CVE-2022-45729
A cross-site scripting XSS vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Employee ID parameter...
CVE-2022-45038
A cross-site scripting XSS vulnerability in /admin/settings/save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website Footer field...