Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2023-46883

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.0006EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/09/21 1:25 p.m.5 views

CVE-2025-48007

Improper Encoding or Escaping of Output vulnerability in Hallo Welt! GmbH BlueSpice Extension:BlueSpiceAvatars allows Cross-Site Scripting XSS. This issue affects BlueSpice: from 5 through 5.1.1...

6.4CVSS6.3AI score0.00036EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/09/19 1:9 p.m.9 views

CVE-2025-48007 Potential XSS in Extension:BlueSpiceAvatars

Improper Encoding or Escaping of Output vulnerability in Hallo Welt! GmbH BlueSpice Extension:BlueSpiceAvatars allows Cross-Site Scripting XSS. This issue affects BlueSpice: from 5 through 5.1.1...

5.9CVSS6AI score0.00036EPSS
Exploits0References1
NVD
NVDadded 2023/10/30 11:15 a.m.12 views

CVE-2023-42431

Cross-site Scripting XSS vulnerability in BlueSpiceAvatars extension of BlueSpice allows logged in user to inject arbitrary HTML into the profile image dialog on Special:Preferences. This only applies to the genuine user context...

5.4CVSS4.1AI score0.0006EPSS
Exploits1References1
OSV
OSVadded 2023/10/30 11:15 a.m.0 views

CVE-2023-42431

Cross-site Scripting XSS vulnerability in BlueSpiceAvatars extension of BlueSpice allows logged in user to inject arbitrary HTML into the profile image dialog on Special:Preferences. This only applies to the genuine user context...

5.4CVSS5.9AI score
Exploits0References1
Prion
Prionadded 2023/10/30 11:15 a.m.10 views

Cross site scripting

Cross-site Scripting XSS vulnerability in BlueSpiceAvatars extension of BlueSpice allows logged in user to inject arbitrary HTML into the profile image dialog on Special:Preferences. This only applies to the genuine user context...

4.9CVSS5.2AI score0.0006EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2023/10/30 10:48 a.m.43 views

CVE-2023-42431

BlueSpice with the BlueSpiceAvatars extension is affected by a Cross-site Scripting (XSS) vulnerability in the profile image dialog on Special:Preferences for logged-in users. The issue arises in the genuine user context and can allow injection of arbitrary HTML. The connected documents do not pr...

5.4CVSS4AI score0.0006EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2023/10/30 10:48 a.m.8 views

CVE-2023-42431 Potential XSS on user preferences page

Cross-site Scripting XSS vulnerability in BlueSpiceAvatars extension of BlueSpice allows logged in user to inject arbitrary HTML into the profile image dialog on Special:Preferences. This only applies to the genuine user context...

2.1CVSS5.8AI score0.0006EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2023/10/30 12:0 a.m.4 views

PT-2023-28337 · Bluespice · Bluespice

Name of the Vulnerable Software and Affected Versions: BlueSpice affected versions not specified Description: A Cross-site Scripting XSS issue in the BlueSpiceAvatars extension of BlueSpice allows a logged-in user to inject arbitrary HTML into the profile image dialog on Special:Preferences. This...

5.4CVSS5.2AI score0.0006EPSS
Exploits1References6
CNNVD
CNNVDadded 2023/10/30 12:0 a.m.3 views

BlueSpice Security Vulnerabilities

BlueSpice is free Wiki software from BlueSpice based on the MediaWiki engine. A security vulnerability exists in BlueSpice, which stems from a cross-site scripting XSS vulnerability in the BlueSpiceAvatars extension. The vulnerability can be exploited to inject arbitrary HTML code into the profil...

5.4CVSS6AI score0.0006EPSS
Exploits1References2
Rows per page
Query Builder