
120 matches found

Cvelist
added 2023/12/29 11:45 a.m. · 15 views

CVE-2023-41814 XSS Vulnerability Messages

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). Through an HTML payload (iframe tag) it is possible to carry out XSS attacks when the user receiving the messages opens their notifications. This...

CVSS: 3.7, AI score: 6, EPSS: 0.00689
Exploits: 0, References: 1

Huntr
added 2023/08/05 10:21 p.m. · 11 views

HTML Injection - real Aptabase emails

Description: Due to lack of validation of the Name field during registration, a bad actor can send emails with HTML injected code to the victims. Proof of Concept: Payload example: Jameees Repro steps: Go to https://eu.aptabase.com/auth/register and for field 'Name' use payload with HTML. Open email from...

AI score: 7
Exploits: 0, References: 2

GithubExploit
added 2023/08/01 11:40 a.m. · 371 views

Exploit for Cross-site Scripting in Ninjaforms Ninja_Forms

CVE-2023-37979 Exploit...

CVSS: 7.1, AI score: 6.4, EPSS: 0.45008
Exploits: 6

Prion
added 2023/07/06 3:15 p.m. · 17 views

Cross site scripting

A stored cross-site scripting (XSS) vulnerability in the Image Upload module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVSS: 4.9, AI score: 5.2, EPSS: 0.00104
Exploits: 1, References: 1, Affected Software: 1

Prion
added 2023/07/06 3:15 p.m. · 15 views

Cross site scripting

A stored cross-site scripting (XSS) vulnerability in the Management Custom label module of SEACMS v12.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVSS: 4.9, AI score: 5.2, EPSS: 0.00104
Exploits: 1, References: 1, Affected Software: 1

Github Security Blog
added 2023/04/10 6:30 a.m. · 36 views

XXL-JOB vulnerable to Cross-site Scripting

XXL-JOB com.xuxueli:xxl-job versions 2.4.0 and earlier are vulnerable to cross-site scripting (XSS). An HTML uploaded payload can be executed successfully through /xxl-job-admin/user/add and /xxl-job-admin/user/update...

CVSS: 6.1, AI score: 5.8, EPSS: 0.00291
Exploits: 1, References: 3, Affected Software: 1

OSV
added 2023/04/10 6:30 a.m. · 12 views

GHSA-4J2P-X79M-JCJ8 XXL-JOB vulnerable to Cross-site Scripting

XXL-JOB com.xuxueli:xxl-job versions 2.4.0 and earlier are vulnerable to cross-site scripting (XSS). An HTML uploaded payload can be executed successfully through /xxl-job-admin/user/add and /xxl-job-admin/user/update...

CVSS: 6.1, AI score: 5.5, EPSS: 0.00291
Exploits: 1, References: 3

OSV
added 2023/04/10 5:15 a.m. · 3 views

CVE-2023-26120

This affects all versions of the package com.xuxueli:xxl-job. HTML uploaded payload executed successfully through /xxl-job-admin/user/add and /xxl-job-admin/user/update...

CVSS: 6.1, AI score: 6.3, EPSS: 0.00291
Exploits: 1, References: 1

Prion
added 2023/04/10 5:15 a.m. · 13 views

Hardcoded credentials

This affects all versions of the package com.xuxueli:xxl-job. HTML uploaded payload executed successfully through /xxl-job-admin/user/add and /xxl-job-admin/user/update...

CVSS: 5.8, AI score: 6.2, EPSS: 0.00291
Exploits: 1, References: 1

Vulnrichment
added 2023/04/10 5:0 a.m. · 8 views

CVE-2023-26120

This affects all versions of the package com.xuxueli:xxl-job. HTML uploaded payload executed successfully through /xxl-job-admin/user/add and /xxl-job-admin/user/update...

CVSS: 5.4, AI score: 6.7, EPSS: 0.00291
Exploits: 1, References: 1

Cvelist
added 2023/04/10 5:0 a.m. · 15 views

CVE-2023-26120

This affects all versions of the package com.xuxueli:xxl-job. HTML uploaded payload executed successfully through /xxl-job-admin/user/add and /xxl-job-admin/user/update...

CVSS: 5.4, AI score: 6.5, EPSS: 0.00291
Exploits: 1, References: 1

CVE
added 2023/04/10 5:0 a.m. · 45 views

CVE-2023-26120

CVE-2023-26120 affects com.xuxueli:xxl-job; multiple sources confirm an HTML payload can be executed via /xxl-job-admin/user/add and /xxl-job-admin/user/update, enabling cross-site scripting (XSS). Affected versions include 2.4.0 and earlier, with the issue originating from unsafe handling of HTM...

CVSS: 6.1, AI score: 6.2, EPSS: 0.00291
Exploits: 1, References: 1, Affected Software: 1

NVD
added 2023/04/05 9:15 p.m. · 14 views

CVE-2023-1787

An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A search timeout could be triggered if a specific HTML payload was used in the issue description...

CVSS: 5.3, AI score: 4.5, EPSS: 0.00494
Exploits: 0, References: 2

Prion
added 2023/04/05 9:15 p.m. · 18 views

Design/Logic Flaw

An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A search timeout could be triggered if a specific HTML payload was used in the issue description...

CVSS: 5, AI score: 4.9, EPSS: 0.00494
Exploits: 0, References: 2, Affected Software: 1

OSV
added 2023/04/05 9:15 p.m. · 1 views

UBUNTU-CVE-2023-1787

An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A search timeout could be triggered if a specific HTML payload was used in the issue description...

CVSS: 5.3, AI score: 5.7, EPSS: 0.00494
Exploits: 0, References: 2

Cvelist
added 2023/04/05 12:0 a.m. · 16 views

CVE-2023-1787

An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A search timeout could be triggered if a specific HTML payload was used in the issue description...

CVSS: 4.3, AI score: 5.6, EPSS: 0.00494
Exploits: 0, References: 2

CVE
added 2023/04/05 12:0 a.m. · 93 views

CVE-2023-1787

GitLab CVE-2023-1787 affects GitLab versions 15.9 before 15.9.4 and 15.10 before 15.10.1. The issue arises from a crafted HTML payload in an issue description that triggers a search timeout, a potential denial-of-service condition with availability impact. There are no exploit details in the prov...

CVSS: 5.3, AI score: 5.1, EPSS: 0.00494
Exploits: 0, References: 2, Affected Software: 1

Debian CVE
added 2023/04/05 12:0 a.m. · 17 views

CVE-2023-1787

Removed by vendor...

CVSS: 5.3, AI score: 6, EPSS: 0.00494
Exploits: 0

Vulnrichment
added 2023/04/05 12:0 a.m. · 9 views

CVE-2023-1787

An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A search timeout could be triggered if a specific HTML payload was used in the issue description...

CVSS: 4.3, AI score: 4.4, EPSS: 0.00494
Exploits: 0, References: 2

Positive Technologies
added 2023/04/05 12:0 a.m. · 2 views

PT-2023-17245 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 15.9 through 15.9.3; GitLab versions 15.10 through 15.10.0. Description: An issue has been discovered in GitLab where a search timeout could be triggered if a specific HTML payload was used in the issue description...

CVSS: 5.3, AI score: 4.8, EPSS: 0.00494
Exploits: 0, References: 10