Lucene search
K

25 matches found

CVE
CVE
added 2014/04/25 10:0 a.m.64 views

CVE-2012-4230

CVE-2012-4230 affects the TinyMCE 3.5.8 bbcode plugin, where the plugin does not properly enforce the security policy for two directives: (1) encoding and (2) valid_elements. This misconfiguration allows attackers to perform cross-site scripting (XSS) via application-specific vectors, demonstrate...

4.3CVSS6.8AI score0.01198EPSS
Exploits2References6Affected Software1
Packet Storm
Packet Storm
added 2013/03/11 12:0 a.m.51 views

TinyMCE 3.5.8 Cross Site Scripting

Vulnerability Report Author: Justin C. Klein Keane Date: 5 March, 2013 CVE-2012-4230 Description of Vulnerability: ----------------------------- "TinyMCE in itself can not be insecure" http://www.tinymce.com/wiki.php/Security "TinyMCE is a platform independent web based Javascript HTML WYSIWYG...

4.3CVSS7.5AI score0.01198EPSS
Exploits2
NVD
NVD
added 2005/05/03 4:0 a.m.18 views

CVE-2005-1448

Cross-site scripting XSS vulnerability in the BBCode plugin for Serendipity before 0.8 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

6.8CVSS5.7AI score0.0134EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/05/03 4:0 a.m.20 views

CVE-2005-1448

Cross-site scripting XSS vulnerability in the BBCode plugin for Serendipity before 0.8 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

5.7AI score0.0134EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2005/04/28 12:0 a.m.42 views

Serendipity BBCode Plugin XSS

According to its banner, the version of Serendipity installed on the remote host does not properly filter user-supplied input for selected fields if the BBCode plugin is enabled - it is not by default. By exploiting this flaw, an attacker can cause arbitrary HTML and script code to be executed by...

6.8CVSS5.8AI score0.0134EPSS
Exploits0References2
Rows per page
Query Builder