CVE-2024-54230

CVE-2024-54230 describes a DOM-based cross-site scripting (XSS) vulnerability in the WordPress plugin Unlock Addons for Elementor (WPRealizer Unlock Addons for Elementor). The issue arises from improper neutralization of input during web page generation. The CVE text indicates the flaw affects Un...

CVE-2024-53823

CVE-2024-53823 involves a DOM-based cross-site scripting (XSS) vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite (WordPress plugin). The root cause is improper neutralization of input during web page generation, enabling XSS in affected pages. Affected software: The Plus A...

Mozilla Firefox ESR Security Update (MFSA2024-65) - Windows

Mozilla Firefox ESR is prone to an enhanced tracking protection CSP frame-src bypass and DOM-based XSS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVE-2024-51571

CVE-2024-51571 concerns a Domino/DOM-based Cross-Site Scripting (XSS) vulnerability in the WordPress plugin MasterBip para Elementor . The vulnerability stems from improper neutralization of inputs during web page generation, allowing DOM-Based XSS. Affected versions are 1.6.3 and earlier; the is...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2024-27890)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

Unspecified Vulnerability in Adobe Experience Manager (CNVD-2024-27885)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2024-27882)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

CVE-2024-36239

CVE-2024-36239 affects Adobe Experience Manager (AEM) versions 6.5.20 and earlier, where a DOM-based XSS vulnerability could allow an attacker to execute arbitrary JavaScript in the victim’s browser session. Exploitation typically requires user interaction (e.g., clicking a crafted link). CVSS v3...

Exploit for Cross-site Scripting in Setorinformatica S.I.L.

CVE-2024-24035 Title The SIL 3.1 is vulnerable to Cross Site...

CVE-2023-51064

QStar Archive Solutions Release RELEASE3-0 Build 7 Patch 0 was discovered to contain a DOM Based reflected XSS vulnerability within the component qnme-ajax?method=treetable...

CVE-2023-48609

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting DOM-based XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

CVE-2023-48474

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting DOM-based XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

taoCMS 跨站脚本漏洞

taoCMS is a Chinese micro CMS Content Management System. A security vulnerability exists in taoCMS 3.0.2 and earlier versions, which stems from a DOM-type cross-site scripting XSS vulnerability...

EUVD-2022-30825

Yonyou u8 v13.0 was discovered to contain a DOM-based cross-site scripting XSS vulnerability via the component /u8sl/WebHelp...

GHSA-QH7X-J4V8-QW5W Clipboard-based XSS

Impact XSS against the user. Details jsuites is vulnerable to DOM based XSS if the user can be tricked into copying anything from a malicious and pasting it into the html editor. This is because a part of the clipboard content is directly written to innerHTML causing XSS. References The Curious...

Cross site scripting

BMC Remedy Mid Tier 9.1SP3 is affected by cross-site scripting XSS. A DOM-based cross-site scripting vulnerability was discovered in a legacy utility...

Cross site scripting

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting dom-based vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

Important: Red Hat Security Advisory: python-django-horizon security update

An update for python-django-horizon is now available for Red Hat Enterprise Linux OpenStack Platform 5.0 Icehouse for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Self-XSS in Microsoft Dynamics CRM 2013 SP1

High-Tech Bridge Security Research Lab discovered a DOM-based self-XSS vulnerability in Microsoft Dynamics CRM 2013 SP1, which can be exploited to perform Cross-Site Scripting attacks against authenticated users. The vulnerability exists due to insufficient filtration of user-supplied input passe...