CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE-2023-48471

5.4CVSS5.8AI score

CVE-2023-48467

5.4CVSS5.7AI score

CVE-2023-48462

5.4CVSS5.7AI score

CVE-2023-48445

5.4CVSS5.7AI score

Positive Technologies•added 2023/12/15 12:0 a.m.•2 views

PT-2023-30856 · Adobe · Experience Manager

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.18 and earlier Description: A Cross-site Scripting DOM-based XSS issue allows malicious JavaScript content to be executed within the context of a victim's browser if a low-privileged attacker convinces th...

5.4CVSS4.3AI score0.00253EPSS

OSV•added 2023/12/14 4:15 p.m.•2 views

CVE-2023-44286

Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a DOM-based Cross-Site Scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the injection of malicious HTML or JavaScript code to a...

6.1CVSS5.9AI score0.00159EPSS

Positive Technologies•added 2023/12/12 12:0 a.m.•3 views

PT-2023-8040 · Adobe · Experience Manager

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.18 and earlier Description: The issue is related to a Cross-site Scripting DOM-based XSS vulnerability. It can be exploited if a low-privileged attacker convinces a victim to visit a URL referencing a...

5.5CVSS4.8AI score0.00229EPSS

Exploits0References5

Positive Technologies•added 2023/12/12 12:0 a.m.•5 views

PT-2023-7739 · Adobe · Experience Manager

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.18 and earlier Description: The issue is related to a Cross-site Scripting DOM-based XSS vulnerability. It may allow a low-privileged attacker to execute malicious JavaScript content within the context of...

5.5CVSS4.8AI score0.00289EPSS

Exploits0References6

Positive Technologies•added 2023/12/12 12:0 a.m.•2 views

PT-2023-8043 · Adobe · Experience Manager

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.18 and earlier Description: The issue is related to a lack of protection for the web page structure in Adobe Experience Manager AEM, which can be exploited by a remote attacker to execute arbitrary code...

5.5CVSS5AI score0.00205EPSS

Exploits0References5

Positive Technologies•added 2023/12/12 12:0 a.m.•2 views

PT-2023-7655 · Adobe · Experience Manager

5.5CVSS4.8AI score0.01075EPSS

Exploits0References6

Prion•added 2022/12/06 6:15 p.m.•13 views

Cross site scripting

teler is an real-time intrusion detection and threat alert dashboard. teler prior to version 2.0.0-rc.4 is vulnerable to DOM-based cross-site scripting XSS in the teler dashboard. When teler requests messages from the event stream on the /events endpoint, the log data displayed on the dashboard a...

4.9CVSS5.1AI score0.00202EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2022/12/06 12:0 a.m.•3 views

PT-2022-16008 · Teler · Teler

Name of the Vulnerable Software and Affected Versions: teler versions prior to 2.0.0-rc.4 Description: The teler dashboard is vulnerable to DOM-based cross-site scripting XSS when it requests messages from the event stream on the "/events" endpoint, and the log data displayed on the dashboard are...

5.4CVSS5AI score0.00202EPSS

Exploits0References9

CNNVD•added 2022/12/05 12:0 a.m.•1 views

Rukovoditel 跨站脚本漏洞

Rukovoditel is a set of Web-based open source project management software from the Rukovoditel team. The software features project management, customer relationship management, and more. Rukovoditel v3.2.1 version of a security vulnerability , the vulnerability stems from the inclusion of DOM-bas...

8.8CVSS7.5AI score0.00384EPSS

Exploits1References2

CNNVD•added 2022/09/15 12:0 a.m.•3 views

EC-CUBE 跨站脚本漏洞

EC-CUBE is an open source e-commerce system from the Japanese company EC-CUBE. A security vulnerability exists in EC-CUBE versions 4.0.0 through 4.1.2, which stems from a DOM-based cross-site scripting vulnerability that could allow a remote attacker to execute arbitrary script on the...

5.4CVSS5.4AI score0.00217EPSS

ATTACKERKB•added 2022/08/09 12:15 p.m.•0 views

CVE-2022-2729

Cross-site Scripting XSS - DOM in GitHub repository openemr/openemr prior to 7.0.0.1...

5.4CVSS6.1AI score0.03478EPSS

Exploits1References3

Positive Technologies•added 2022/08/09 12:0 a.m.•2 views

PT-2022-4147 · Siemens · Scalance W-700 +9

Name of the Vulnerable Software and Affected Versions: SCALANCE M-800 / S615 versions prior to V2.3.1 SCALANCE SC-600 family versions prior to V2.3.1 SCALANCE W-1700 IEEE 802.11ac family versions prior to V2.3.1 SCALANCE W-700 IEEE 802.11ax family versions prior to V2.3.1 SCALANCE W-700 IEEE...

9CVSS5.4AI score0.00434EPSS

OSV•added 2021/08/03 4:15 p.m.•1 views

CVE-2021-21576

Dell EMC iDRAC9 versions prior to 4.40.40.00 contain a DOM-based cross-site scripting vulnerability. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim’s browser by tricking a victim in to following a specially crafted link...

6.1CVSS6.3AI score

OSV•added 2021/08/03 4:15 p.m.•2 views

CVE-2021-21577

6.1CVSS6.3AI score

CNNVD•added 2021/05/19 12:0 a.m.•2 views

BMC Remedy Mid Tier 9.1SP3 跨站脚本漏洞

BMC Software BMC Remedy 9.1SP3 is an application from BMC Software, Inc. It provides off-the-shelf IT Information Library ITIL service support functionality. A cross-site scripting vulnerability exists in BMC Remedy Mid Tier 9.1SP3, which stems from a dom-based cross-site scripting vulnerability...

6.1CVSS5.9AI score0.00465EPSS