Lucene search

312 matches found

RedhatCVE
added 2025/05/22 8:12 p.m. | 9 views

CVE-2021-39362

An XSS issue was discovered in ReCaptcha Solver 5.7. A response from Anti-Captcha.com, RuCaptcha.com, 2captcha.com, DEATHbyCAPTCHA.com, ImageTyperz.com, or BestCaptchaSolver.com in setCaptchaCode is inserted into the DOM as HTML, resulting in full control over the user's browser by these servers...

CVSS 6.1 | AI score 6.1 | EPSS 0.00581
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/22 7:37 p.m. | 7 views

CVE-2021-29975

Through a series of DOM manipulations, a message, over which the attacker had control of the text but not HTML or formatting, could be overlaid on top of another domain with the new domain correctly shown in the address bar resulting in possible user confusion. This vulnerability affects Firefox ...

CVSS 6.5 | AI score 6 | EPSS 0.00965
Exploits: 1 | References: 1
RedhatCVE
added 2025/05/22 4:22 p.m. | 9 views

CVE-2020-15119

In auth0-lock versions before and including 11.25.1, dangerouslySetInnerHTML is used to update the DOM. When dangerouslySetInnerHTML is used, the application and its users might be exposed to cross-site scripting (XSS) attacks...

CVSS 6.4 | AI score 5.8 | EPSS 0.00546
Exploits: 0
OSV
added 2025/04/17 9:31 p.m. | 11 views

CLSA-2025-1744925460 gcc: Fix of CVE-2020-11023

CVE-2020-11023: Fix issue in DOM manipulation methods to prevent execution of untrusted code...

CVSS 6.9 | AI score 6.9 | EPSS 0.8383
Exploits: 6 | References: 1
OSV
added 2025/04/17 9:27 p.m. | 6 views

CLSA-2025-1744925221 gcc: Fix of CVE-2020-11023

CVE-2020-11023: Fix issue in DOM manipulation methods to prevent execution of untrusted code...

CVSS 6.9 | AI score 6.9 | EPSS 0.8383
Exploits: 6 | References: 1
OSV
added 2025/04/17 12:16 p.m. | 11 views

CLSA-2025-1744892170 gcc: Fix of CVE-2020-11023

CVE-2020-11023: sanitize HTML content passed to DOM manipulation methods to prevent execution of untrusted code...

CVSS 6.9 | AI score 6.9 | EPSS 0.8383
Exploits: 6 | References: 1
OSV
added 2025/04/17 7:31 a.m. | 5 views

CLSA-2025-1744875112 gcc: Fix of CVE-2020-11023

CVE-2020-11023: Fix issue where untrusted HTML containing elements could execute untrusted code in DOM manipulation methods...

CVSS 6.9 | AI score 6.8 | EPSS 0.8383
Exploits: 6 | References: 1
IBM Security Bulletins
added 2025/03/26 2:24 a.m. | 33 views

Security Bulletin: IBM Robotic Process Automation for Cloud Pak is vulnerable to cross site scripting (CVE-2022-38709)

Summary IBM Robotic Process Automation for Cloud Pak is vulnerable to cross site scripting through DOM manipulation. Vulnerability Details CVEID:CVE-2022-38709 DESCRIPTION: IBM Robotic Process Automation for Cloud Pak is vulnerable to cross-site scripting. This vulnerability allows users to embed...

CVSS 6.1 | AI score 5.9 | EPSS 0.0042
Exploits: 0 | Affected Software: 1
Snyk
added 2025/03/20 12:32 p.m. | 4 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the search functionality. An attacker can execute arbitrary JavaScript code by injecting malicious scripts into user inputs. This can lead to unauthorized actions such as stealing session cookies, redirectin...

CVSS 6.1 | AI score 5.5 | EPSS 0.00491
Exploits: 1 | References: 2
Snyk
added 2025/03/20 12:32 p.m. | 3 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the search functionality. An attacker can execute arbitrary JavaScript code by injecting malicious scripts into user inputs. This can lead to unauthorized actions such as stealing session cookies, redirectin...

CVSS 6.1 | AI score 5.5 | EPSS 0.00491
Exploits: 1 | References: 2
Snyk
added 2025/03/20 10:46 a.m. | 2 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the delete API. An attacker can execute arbitrary JavaScript code by injecting malicious scripts into user inputs. This can lead to unauthorized actions such as stealing session cookies, redirecting to...

CVSS 6.1 | AI score 5.5 | EPSS 0.00191
Exploits: 1 | References: 2
Vulnrichment
added 2025/03/20 10:09 a.m. | 5 views

CVE-2024-9900 Cross-Site Scripting (XSS) in mudler/localai

mudler/localai version v2.21.1 contains a Cross-Site Scripting (XSS) vulnerability in its search functionality. The vulnerability arises due to improper sanitization of user input, allowing the injection and execution of arbitrary JavaScript code. This can lead to the execution of malicious scripts...

CVSS 5.4 | AI score 5.5 | EPSS 0.00491
Exploits: 1 | References: 2
NVD
added 2025/03/19 5:15 p.m. | 9 views

CVE-2024-53967

Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code in the context of the victim's browser session. By manipulating the DOM environment in the victim's browser, a low privileged...

CVSS 5.4 | EPSS 0.00326
Exploits: 0 | References: 1
Cvelist
added 2025/03/19 4:10 p.m. | 13 views

CVE-2024-53967 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code in the context of the victim's browser session. By manipulating the DOM environment in the victim's browser, a low privileged...

CVSS 5.4 | EPSS 0.00326
Exploits: 0 | References: 1
RedHat Linux
added 2025/03/06 12:33 a.m. | 3 views

jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods

A flaw was found in jQuery. HTML containing <option> elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity...

CVSS 6.9 | AI score 6.6 | EPSS 0.8383
Exploits: 6 | References: 6
RedHat Linux
added 2025/03/06 12:33 a.m. | 15 views

Moderate: Red Hat Security Advisory: pki-core security update

An update for pki-core is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 6.9 | AI score 7.2 | EPSS 0.8383
Exploits: 6 | References: 2
Tenable Nessus
added 2025/03/04 12:00 a.m. | 15 views

Linux Distros Unpatched Vulnerability : CVE-2020-11023

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one ...

CVSS 6.9 | AI score 7.2 | EPSS 0.8383
Exploits: 6 | References: 1
RedHat Linux
added 2025/02/17 3:03 p.m. | 7 views

jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods

A flaw was found in jQuery. HTML containing <option> elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity...

CVSS 6.9 | AI score 6.6 | EPSS 0.8383
Exploits: 6 | References: 6
RedHat Linux
added 2025/02/17 12:17 a.m. | 5 views

jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods

A flaw was found in jQuery. HTML containing <option> elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity...

CVSS 6.9 | AI score 6.6 | EPSS 0.8383
Exploits: 6 | References: 6
RedHat Linux
added 2025/02/17 12:13 a.m. | 5 views

jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods

A flaw was found in jQuery. HTML containing <option> elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity...

CVSS 6.9 | AI score 6.6 | EPSS 0.8383
Exploits: 6 | References: 6