CVE-2022-50684

An HTML injection vulnerability in Kentico Xperience allows attackers to inject malicious HTML values into form submission emails via unencoded form fields. Unencoded form values could enable HTML content execution in recipient email clients, potentially compromising email security...

CVE-2022-50684 Kentico Xperience <= 13.0.71 Form Emails HTML Injection

An HTML injection vulnerability in Kentico Xperience allows attackers to inject malicious HTML values into form submission emails via unencoded form fields. Unencoded form values could enable HTML content execution in recipient email clients, potentially compromising email security...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-0012750)

Adobe Experience Manager is an enterprise-class content management solution from Adobe. A cross-site scripting vulnerability exists in Adobe Experience Manager, which stems from a stored cross-site scripting vulnerability in form fields, for which no detailed vulnerability details are currently...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-0013442)

Adobe Experience Manager is an enterprise-class content management solution from Adobe. A cross-site scripting vulnerability exists in Adobe Experience Manager, which stems from a stored cross-site scripting vulnerability in form fields, for which no detailed vulnerability details are currently...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-0012849)

Adobe Experience Manager is an enterprise-class content management solution from Adobe. A cross-site scripting vulnerability exists in Adobe Experience Manager, which stems from a stored cross-site scripting vulnerability in form fields, for which no detailed vulnerability details are currently...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-0012948)

Adobe Experience Manager is an enterprise-class content management solution from Adobe. Adobe Experience Manager suffers from a cross-site scripting vulnerability that originates from a low-privilege attacker who can inject malicious script into form fields, no details of the vulnerability are...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-0013244)

Adobe Experience Manager is an enterprise-class content management solution from Adobe. Adobe Experience Manager suffers from a cross-site scripting vulnerability that originates from a low-privilege attacker who can inject malicious script into form fields, no details of the vulnerability are...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-0013343)

Adobe Experience Manager is an enterprise-class content management solution from Adobe. Adobe Experience Manager suffers from a cross-site scripting vulnerability that originates from a low-privilege attacker who can inject malicious script into form fields, no details of the vulnerability are...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-0013541)

Adobe Experience Manager is an enterprise-class content management solution from Adobe. A cross-site scripting vulnerability exists in Adobe Experience Manager, which stems from a stored cross-site scripting vulnerability in form fields, for which no detailed vulnerability details are currently...

CVE-2024-58293

Akaunting 3.1.8 contains a server-side template injection vulnerability that allows authenticated administrators to execute template expressions in multiple form input fields. Attackers can inject template payloads in items, taxes, transactions, and vendor name fields to perform arithmetic...

EUVD-2024-55338

Akaunting 3.1.8 contains a server-side template injection vulnerability that allows authenticated administrators to execute template expressions in multiple form input fields. Attackers can inject template payloads in items, taxes, transactions, and vendor name fields to perform arithmetic...

CVE-2024-58293

Akaunting 3.1.8 contains a server-side template injection vulnerability that allows authenticated administrators to execute template expressions in multiple form input fields. Attackers can inject template payloads in items, taxes, transactions, and vendor name fields to perform arithmetic...

CVE-2024-58293

CVE-2024-58293 affects Akaunting 3.1.8 with a server-side template injection vulnerability. Authenticated administrators can inject template expressions into multiple form fields (items, taxes, transactions, vendor name), enabling arithmetic operations and string manipulations. Public sources in ...

CVE-2024-58293 Akaunting 3.1.8 Server-Side Template Injection via Multiple Form Fields

Akaunting 3.1.8 contains a server-side template injection vulnerability that allows authenticated administrators to execute template expressions in multiple form input fields. Attackers can inject template payloads in items, taxes, transactions, and vendor name fields to perform arithmetic...

CVE-2024-58293 Akaunting 3.1.8 Server-Side Template Injection via Multiple Form Fields

Akaunting 3.1.8 contains a server-side template injection vulnerability that allows authenticated administrators to execute template expressions in multiple form input fields. Attackers can inject template payloads in items, taxes, transactions, and vendor name fields to perform arithmetic...

CVE-2025-64804

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-64840

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-64596

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-64615

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2025-64839

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...