CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4382 matches found

CVE•added 2025/07/22 11:31 a.m.•15 views

CVE-2025-4284

CVE-2025-4284 affects Rolantis Information Technologies’ Agentis (pre-4.32). The issue is an Improper Neutralization of Input During Web Page Generation that enables Reflected XSS and DOM-Based XSS. Per the sources, the vulnerability impacts Agentis versions before 4.32, with CVSSv3.1 base metric...

6.1CVSS5.4AI score0.0019EPSS

Exploits0References2

Vulnrichment•added 2025/07/22 11:31 a.m.•4 views

CVE-2025-4284 Reflected XSS in Rolantis Information Technologies' Agentis

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Rolantis Information Technologies Agentis allows Reflected XSS, DOM-Based XSS. This issue affects Agentis: before 4.32...

6.1CVSS5.4AI score0.0019EPSS

Exploits0References2

ATTACKERKB•added 2025/07/22 11:31 a.m.•4 views

CVE-2025-4284

6.1CVSS5.4AI score0.0019EPSS

Exploits0References3

Cvelist•added 2025/07/22 11:31 a.m.•11 views

CVE-2025-4284 Reflected XSS in Rolantis Information Technologies' Agentis

6.1CVSS0.0019EPSS

Exploits0References2

CNNVD•added 2025/07/22 12:0 a.m.•2 views

Rolantis Agentis 跨站脚本漏洞

Rolantis Agentis is a software for enterprise information management and automated processing from the Turkish company Rolantis. A cross-site scripting vulnerability exists in Rolantis Agentis versions prior to 4.32, which stems from improper input neutralization during web page generation and...

6.1CVSS5.6AI score0.0019EPSS

Exploits0References3

RedhatCVE•added 2025/07/18 1:58 p.m.•4 views

CVE-2025-53892

Vue I18n is the internationalization plugin for Vue.js. The escapeParameterHtml: true option in Vue I18n is designed to protect against HTML/script injection by escaping interpolated parameters. However, starting in version 9.0.0 and prior to versions 9.14.5, 10.0.8, and 11.1.0, this setting fail...

5.3CVSS6.5AI score0.0067EPSS

Exploits0References1

RedhatCVE•added 2025/07/18 10:59 a.m.•4 views

CVE-2025-54016

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kyle Gilman Videopack video-embed-thumbnail-generator allows DOM-Based XSS.This issue affects Videopack: from n/a through = 4.10.3...

6.5CVSS5.9AI score0.00165EPSS

Exploits0References1

RedhatCVE•added 2025/07/18 10:59 a.m.•3 views

CVE-2025-54024

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Greg Winiarski WPAdverts wpadverts allows DOM-Based XSS.This issue affects WPAdverts: from n/a through = 2.2.5...

6.5CVSS5.9AI score0.00165EPSS

Exploits0References1

RedhatCVE•added 2025/07/18 10:59 a.m.•4 views

CVE-2025-54023

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Delicious WP Delicious delicious-recipes allows DOM-Based XSS.This issue affects WP Delicious: from n/a through = 1.8.4...

6.5CVSS5.9AI score0.00165EPSS

Exploits0References1

RedhatCVE•added 2025/07/18 10:59 a.m.•4 views

CVE-2025-53994

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetPopup jet-popup allows DOM-Based XSS.This issue affects JetPopup: from n/a through = 2.0.15...

6.5CVSS5.9AI score0.00204EPSS

Exploits0References1

Github Security Blog•added 2025/07/16 7:32 p.m.•12 views

vue-i18n's escapeParameterHtml does not prevent DOM-based XSS through its tag attributes

Summary The escapeParameterHtml: true option in Vue I18n is designed to protect against HTML/script injection by escaping interpolated parameters. However, this setting fails to prevent execution of certain tag-based payloads, such as , if the interpolated value is inserted inside an HTML context...

5.3CVSS5.2AI score0.0067EPSS

Exploits0References10Affected Software5

OSV•added 2025/07/16 4:15 p.m.•1 views

CVE-2025-47053

Adobe Experience Manager versions 6.5.22 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. A low privileged attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation ...

5.4CVSS5.8AI score0.00254EPSS

Exploits0References1

Cvelist•added 2025/07/16 3:56 p.m.•6 views

CVE-2025-47053 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

5.4CVSS0.00254EPSS

Exploits0References1

CVE•added 2025/07/16 3:56 p.m.•23 views

CVE-2025-47053

CVE-2025-47053 affects Adobe Experience Manager (AEM) up to version 6.5.22, with a DOM-based Cross-Site Scripting (XSS) issue caused by insufficient filtering/escaping of user-supplied data. The vulnerability can be exploited by a low-privilege attacker who manipulates the DOM to execute arbitrar...

5.4CVSS5.4AI score0.00254EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/07/16 3:52 p.m.•5 views

CVE-2025-46959 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

5.4CVSS0.00349EPSS

Exploits0References1

CVE•added 2025/07/16 3:52 p.m.•21 views

CVE-2025-46959

{"affected_software":"Adobe Experience Manager (AEM)","versions_affected":"6.5.22 and earlier","vulnerability":"DOM-based Cross-Site Scripting (XSS)","root_cause":"manipulation of the DOM environment to execute malicious JavaScript in the victim's browser","impact_note":"requires user interaction...

5.4CVSS5.4AI score0.00349EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/07/16 3:52 p.m.•4 views

CVE-2025-46959 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

5.4CVSS5.8AI score0.00349EPSS

Exploits0References1

Vulnrichment•added 2025/07/16 1:42 p.m.•3 views

CVE-2025-53892 Intlify Vue I18n's escapeParameterHtml does not prevent DOM-based XSS via tag attributes like onerror

5.3CVSS5.9AI score0.0067EPSS

Exploits0References8

Cvelist•added 2025/07/16 1:42 p.m.•111 views

CVE-2025-53892 Intlify Vue I18n's escapeParameterHtml does not prevent DOM-based XSS via tag attributes like onerror