CVE-2025-65237

OpenCode Systems USSD Gateway OC Release 5 is affected by a reflected XSS vulnerability that lets an attacker inject arbitrary JavaScript into a user’s browser by sending a crafted payload. The issue is documented across multiple sources (e.g., Red Hat CVE entry and NVD) with a CVSSv3.1 base scor...

PT-2025-40300

Name of the Vulnerable Software and Affected Versions Luci OpenWRT version 18.06.2 Description A reflected cross-site scripting XSS issue exists in the /admin/system/packages API endpoint of Luci OpenWRT. An attacker can execute arbitrary Javascript in a user's browser by providing a crafted...

Unspecified Vulnerability in Adobe Experience Manager (CNVD-2024-28509)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

CVE-2024-33423

Cross-Site Scripting XSS vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Logout parameter under the Language section...