UBUNTU-CVE-2024-55228

A cross-site scripting XSS vulnerability in the Product module of Dolibarr v21.0.0-beta allows attackers to execute arbitrary web scripts or HTMl via a crafted payload injected into the Title parameter...

CVE-2024-10453

The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Typography Settings in all versions up to, and including, 3.25.9 due to insufficient input sanitization and output escaping on user supplied attributes...

CVE-2024-44717

A cross-site scripting XSS vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

CVE-2024-3337

The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'colibribreadcrumbelement' shortcode in all versions up to, and including, 1.0.272 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2024-2735

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Price List' element in all versions up to, and including, 4.8.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

PT-2024-22836 · WordPress · Creative Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Creative Addons for Elementor plugin for WordPress versions up to, and including, 1.5.12 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the plugin's widgets, allowing...

CVE-2024-1586

The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom schema in all versions up to, and including, 1.26 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject...

CVE-2023-52059

A cross-site scripting XSS vulnerability in Gestsup v3.2.46 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description text field...

CVE-2023-43319

Cross Site Scripting XSS vulnerability in the Sign-In page of IceWarp WebClient 10.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter...

WordPress plugin Google Maps Plugin by Intergeo Cross-site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. uninstall is one of the plugins used to completely uninstall WordPress. WordPress...

UBUNTU-CVE-2020-23452

A cross-site scripting XSS vulnerability in Selenium Grid v3.141.59 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the hub parameter under the /grid/console page...

ServiceNow 跨站脚本漏洞

ServiceNow is a cloud computing platform from US-based ServiceNow, Inc. to help companies manage the digital workflow of their business operations. ServiceNow suffers from a security vulnerability. An attacker exploiting the vulnerability can inject arbitrary scripts...

Epson printer 跨站脚本漏洞

Epson printer is a printer from the Japanese company Epson. A cross-site scripting vulnerability exists in Epson printer. An attacker can exploit this vulnerability to inject arbitrary script...

ServiceNow 跨站脚本漏洞

ServiceNow is a cloud computing platform from US-based ServiceNow, Inc. to help companies manage the digital workflow of their business operations. A security vulnerability exists in ServiceNow. An attacker exploiting the vulnerability is able to inject arbitrary scripts...

CVE-2022-43143

A cross-site scripting XSS vulnerability in Beekeeper Studio v3.6.6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error modal container...

DEBIAN-CVE-2022-3140

LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice links using that scheme could be constructed to call internal...

CVE-2022-27330

A cross-site scripting XSS vulnerability in /public/admin/index.php?addproduct of E-Commerce Website v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Title text field...

WordPress 插件 跨站脚本漏洞

WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the WordPress plugin KJM Admin Notices, which stems from insufficient input validation and cleanup of several parameters found in the /admin/class-kjm-admin-notices-admin.php file,...