Lucene search
K

15795 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:51 a.m.17 views

CVE-2019-10336

A reflected cross site scripting vulnerability in Jenkins ElectricFlow Plugin 1.1.6 and earlier allowed attackers able to control the output of the ElectricFlow API to inject arbitrary HTML and JavaScript in job configuration forms containing post-build steps provided by this plugin...

6.1CVSS5.8AI score0.01375EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:51 a.m.8 views

CVE-2019-10346

A reflected cross site scripting vulnerability in Jenkins Embeddable Build Status Plugin 2.0.1 and earlier allowed attackers inject arbitrary HTML and JavaScript into the response of this plugin...

6.1CVSS5.9AI score0.01693EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:50 a.m.8 views

CVE-2010-2700

Cross-site scripting XSS vulnerability in index.php in Edge PHP Clickbank Affiliate Marketplace Script CBQuick allows remote attackers to inject arbitrary web script or HTML via the search parameter...

4.3CVSS6AI score0.01178EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:48 a.m.6 views

CVE-2019-13975

eGain Chat 15.0.3 allows HTML Injection...

6.1CVSS6.8AI score0.00857EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:47 a.m.8 views

CVE-2012-3872

Multiple cross-site scripting XSS vulnerabilities in Open Constructor 3.12.0 allow remote attackers to inject arbitrary web script or HTML via 1 the result parameter to data/file/edit.php, 2 the q parameter to confirm.php, or 3 the keyword parameter to users/users.php...

4.3CVSS6AI score0.01378EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:45 a.m.7 views

CVE-2012-3832

Cross-site scripting XSS vulnerability in decoda/Decoda.php in Decoda before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to 1 b or 2 div tags...

4.3CVSS5.8AI score0.01483EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:36 a.m.8 views

CVE-2011-4827

Multiple cross-site scripting XSS vulnerabilities in AutoSec Tools V-CMS 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 p parameter to redirect.php and 2 box parameter to includes/TrueColorPicker/index.php, which is not properly handled in...

4.3CVSS6AI score0.01179EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:35 a.m.7 views

CVE-2011-4806

Multiple cross-site scripting XSS vulnerabilities in main.php in phpAlbum 0.4.1.16 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 var1 and 2 keyword parameters...

4.3CVSS5.9AI score0.01337EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:34 a.m.6 views

CVE-2013-0938

Cross-site scripting XSS vulnerability in EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.9AI score0.00942EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:34 a.m.8 views

CVE-2011-3856

Cross-site scripting XSS vulnerability in the Elegant Grunge theme before 1.0.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter...

4.3CVSS6AI score0.03429EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:34 a.m.11 views

CVE-2019-15331

The wp-support-plus-responsive-ticket-system plugin before 9.1.2 for WordPress has HTML injection...

6.1CVSS7AI score0.00913EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:33 a.m.7 views

CVE-2010-2365

Cross-site scripting XSS vulnerability in Free CGI Moo moobbs2 before 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.9AI score0.01033EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:31 a.m.7 views

CVE-2015-1373

Multiple cross-site scripting XSS vulnerabilities in admin.php in ferretCMS 1.0.4-alpha allow remote attackers to inject arbitrary web script or HTML via the 1 action parameter in a search request, 2 username in a login request, which is not properly handled when logging the event, or 3 page titl...

4.3CVSS6AI score0.03232EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:22 a.m.4 views

CVE-2011-4563

Cross-site scripting XSS vulnerability in index.php in JAKCMS 2.0.4.1, and possibly other versions before 2.2.6 2011-09-23, allows remote attackers to inject arbitrary web script or HTML via the userpost parameter in a PM request, related to tinymce. NOTE: some of these details are obtained from...

4.3CVSS6AI score0.01135EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:21 a.m.10 views

CVE-2012-6458

Multiple cross-site scripting XSS vulnerabilities in the SilverStripe e-commerce module 3.0 for SilverStripe CMS allow remote attackers to inject arbitrary web script or HTML via the 1 FirstName, 2 Surname, or 3 Email parameter to code/forms/OrderFormAddress.php; or the 4 FirstName or 5 Surname...

4.3CVSS6AI score0.00939EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:14 a.m.14 views

CVE-2019-10376

A reflected cross-site scripting vulnerability in Jenkins Wall Display Plugin 0.6.34 and earlier allows attackers to inject arbitrary HTML and JavaScript into web pages provided by this plugin...

6.1CVSS5.9AI score0.00816EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:14 a.m.8 views

CVE-2019-10360

A stored cross site scripting vulnerability in Jenkins Maven Release Plugin 0.14.0 and earlier allowed attackers to inject arbitrary HTML and JavaScript in the plugin-provided web pages in Jenkins...

5.4CVSS5.7AI score0.00688EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:12 a.m.7 views

CVE-2019-1003023

A cross-site scripting vulnerability exists in Jenkins Warnings Next Generation Plugin 1.0.1 and earlier in src/main/java/io/jenkins/plugins/analysis/core/model/DetailsTableModel.java, src/main/java/io/jenkins/plugins/analysis/core/model/SourceDetail.java,...

6.1CVSS6.1AI score0.01041EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:9 a.m.9 views

CVE-2019-0308

An authenticated attacker in SAP E-Commerce Business-to-Consumer application, versions 7.3, 7.31, 7.32, 7.33, 7.54, can change the price of the product to zero and also checkout, by injecting an HTML code in the application that will be executed whenever the victim logs in to the application even...

6.8CVSS6.8AI score0.00858EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:59 a.m.8 views

CVE-2010-2779

Cross-site scripting XSS vulnerability in WebAccess in Novell GroupWise 8.x before 8.0 SP2 allows remote attackers to inject arbitrary web script or HTML via a crafted message, related to "replies."...

4.3CVSS5.8AI score0.01864EPSS
Exploits0References1
Rows per page
Query Builder