CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

28 matches found

RedhatCVE•added 2025/05/23 9:46 a.m.•7 views

CVE-2024-25875

A cross-site scripting XSS vulnerability in the Header module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Undertitle text field...

6.1CVSS5.7AI score0.00083EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 9:45 a.m.•7 views

CVE-2024-25874

A cross-site scripting XSS vulnerability in the New/Edit Article module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Create Tag text field...

5.4CVSS5.2AI score0.00077EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 7:31 a.m.•5 views

CVE-2024-25876

6.1CVSS5.7AI score0.0018EPSS

Exploits1References1

Github Security Blog•added 2024/02/22 3:30 p.m.•11 views

Enhavo Cross-site Scripting vulnerability

6.1CVSS5.7AI score0.0018EPSS

Exploits1References4Affected Software1

Github Security Blog•added 2024/02/22 3:30 p.m.•20 views

Enhavo Cross-site Scripting vulnerability

6.1CVSS5.7AI score0.00083EPSS

Exploits1References4Affected Software1

OSV•added 2024/02/22 3:30 p.m.•10 views

GHSA-38M8-5GFC-663G Enhavo Cross-site Scripting vulnerability

5.4CVSS5.2AI score0.00077EPSS

Exploits1References4

OSV•added 2024/02/22 3:30 p.m.•12 views

GHSA-C579-HHW5-CR3P Enhavo Cross-site Scripting vulnerability

6.1CVSS5.8AI score0.00083EPSS

Exploits1References4

Github Security Blog•added 2024/02/22 3:30 p.m.•14 views

Enhavo Cross-site Scripting vulnerability

5.4CVSS5.7AI score0.00077EPSS

Exploits1References4Affected Software1

NVD•added 2024/02/22 2:15 p.m.•8 views

CVE-2024-25876

6.1CVSS5.5AI score0.0018EPSS

Exploits1References2

OSV•added 2024/02/22 2:15 p.m.•4 views

CVE-2024-25876

6.1CVSS5.9AI score

Exploits0References2

OSV•added 2024/02/22 2:15 p.m.•5 views

CVE-2024-25874

5.4CVSS5.2AI score

Exploits0References2

NVD•added 2024/02/22 2:15 p.m.•11 views

CVE-2024-25874

5.4CVSS5.5AI score0.00077EPSS

Exploits1References2

OSV•added 2024/02/22 2:15 p.m.•7 views

CVE-2024-25875

6.1CVSS5.9AI score

Exploits0References2

Prion•added 2024/02/22 2:15 p.m.•8 views

Cross site scripting

6.1AI score0.0018EPSS

Exploits1References2

Prion•added 2024/02/22 2:15 p.m.•8 views

Cross site scripting

6.1AI score0.00077EPSS

Exploits1References2

Positive Technologies•added 2024/02/22 12:0 a.m.•2 views

PT-2024-21179 · Unknown · Enhavo Cms

Name of the Vulnerable Software and Affected Versions: Enhavo CMS version 0.13.1 Description: A cross-site scripting XSS issue in the Header module allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Undertitle text field. This enables attackers to...

6.1CVSS6.2AI score0.00083EPSS

Exploits1References9

Cvelist•added 2024/02/22 12:0 a.m.•14 views

CVE-2024-25875

5.7AI score0.00083EPSS

Exploits1References2

Positive Technologies•added 2024/02/22 12:0 a.m.•1 views

PT-2024-21180 · Unknown · Enhavo Cms

Name of the Vulnerable Software and Affected Versions: Enhavo CMS version 0.13.1 Description: A cross-site scripting XSS issue in the Header module allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title text field. Recommendations: For Enhavo CMS...

6.1CVSS6.3AI score0.0018EPSS

Exploits1References9

CVE•added 2024/02/22 12:0 a.m.•3783 views

CVE-2024-25875

CVE-2024-25875 is an XSS vulnerability in the Header module of Enhavo CMS v0.13.1, exploitable via crafted input in the Undertitle text field. Affected component: Undertitle handling in the Header module; root cause: insufficient input validation/escaping in Undertitle processing as described acr...

6.1CVSS5.6AI score0.00083EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2024/02/22 12:0 a.m.•10 views

CVE-2024-25876

5.9AI score0.0018EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by