Lucene search
K

852 matches found

Vulnrichment
Vulnrichment
added 2026/03/09 12:0 a.m.5 views

CVE-2025-70060

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in YMFE yapi v1.12.0...

5.8AI score0.00191EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/09 12:0 a.m.5 views

CVE-2025-70060

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in YMFE yapi v1.12.0...

5.4CVSS5.8AI score0.00191EPSS
Exploits0References4
NVD
NVD
added 2026/03/05 6:16 a.m.12 views

CVE-2026-28103

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup LBG Zoominoutslider lbgzoominoutslider allows Reflected XSS.This issue affects LBG Zoominoutslider: from n/a through = 5.4.5...

7.1CVSS0.0018EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/05 5:54 a.m.7 views

CVE-2026-28122

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CridioStudio ListingPro listingpro-plugin allows Reflected XSS.This issue affects ListingPro: from n/a through = 2.9.8...

5.9AI score0.00146EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/05 5:53 a.m.3 views

CVE-2026-27352

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Starto allows Reflected XSS.This issue affects Starto: from n/a before 2.2.5...

7.1CVSS5.9AI score0.00191EPSS
Exploits0References3
CVE
CVE
added 2026/03/05 5:53 a.m.10 views

CVE-2026-22438

The CVE CVE-2026-22438 describes a reflected Cross‑Site Scripting vulnerability in the WordPress TheBi theme, affecting versions through 1.0.5. The issue arises from improper input neutralization during web page generation, enabling an attacker to craft a URL that, when visited by a user, execute...

7.1CVSS5.9AI score0.00237EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.9 views

PT-2026-23376

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup UberSlider MouseInteraction uberSlider mouseinteraction allows Reflected XSS.This issue affects UberSlider MouseInteraction: from n/a through = 2.3...

5.9AI score0.0018EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/26 12:6 p.m.6 views

CVE-2025-14343 Reflected XSS in Dokuzsoft Technology's E-Commerce Product

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Dokuzsoft Technology Ltd. E-Commerce Product allows Reflected XSS. This issue affects E-Commerce Product: through 10122025...

7.6CVSS5.8AI score0.00185EPSS
Exploits0References2
NVD
NVD
added 2026/02/26 11:16 a.m.20 views

CVE-2025-64999

Improper neutralization of input in Checkmk versions 2.4.0 before 2.4.0p22, and 2.3.0 before 2.3.0p43 allows an attacker that can manipulate a host's check output to inject malicious JavaScript into the Synthetic Monitoring HTML logs, which can then be accessed via a crafted phishing link...

7.3CVSS0.00141EPSS
Exploits1References2
OSV
OSV
added 2026/02/26 10:26 a.m.5 views

CVE-2025-64999 Cross-site scripting in HTML logs of Synthetic Monitoring test services

Improper neutralization of input in Checkmk versions 2.4.0 before 2.4.0p22, and 2.3.0 before 2.3.0p43 allows an attacker that can manipulate a host's check output to inject malicious JavaScript into the Synthetic Monitoring HTML logs, which can then be accessed via a crafted phishing link...

7.3CVSS5.9AI score0.00141EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/02/21 7:29 p.m.5 views

CVE-2026-22357

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spencer Haws Link Whisper Free link-whisper allows Reflected XSS.This issue affects Link Whisper Free: from n/a through = 0.9.2...

7.1CVSS5.9AI score0.0018EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 4:22 p.m.5 views

CVE-2024-56208

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in desertthemes NewsMash newsmash allows Stored XSS.This issue affects NewsMash: from n/a through = 1.0.71...

6.5CVSS0.00215EPSS
Exploits0References1
CVE
CVE
added 2026/02/20 3:46 p.m.7 views

CVE-2025-69296

CVE-2025-69296 is a Reflected Cross-Site Scripting (XSS) vulnerability in the WordPress theme Aardvark (GhostPool Aardvark aardvark), affecting versions up to and including 4.6.3 . The root cause is improper input neutralization during web page generation, enabling an attacker to inject arbitrary...

7.1CVSS5.5AI score0.0023EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/20 12:0 a.m.7 views

PT-2026-21045

Name of the Vulnerable Software and Affected Versions FluentCart versions prior to 1.3.0 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Reflected Cross-Site Scripting XSS condition. This allows an attacker to inject...

5.4AI score0.0023EPSS
Exploits0References3
NVD
NVD
added 2026/02/19 9:18 p.m.7 views

CVE-2026-27360

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 10Web Photo Gallery by 10Web photo-gallery allows Stored XSS.This issue affects Photo Gallery by 10Web: from n/a through = 1.8.38...

5.9CVSS0.00195EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/17 1:47 p.m.28 views

CVE-2026-23861

Dell Unisphere for PowerMax vApp, versions 9.2.4.x, contains an Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the execution of malicious HTML o...

5.4CVSS0.00159EPSS
Exploits0References1
OSV
OSV
added 2026/02/10 6:16 p.m.8 views

CVE-2026-21516

Improper neutralization of special elements used in a command 'command injection' in Github Copilot allows an unauthorized attacker to execute code over a network...

7.8CVSS5.9AI score0.0081EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/04 8:25 p.m.5 views

EUVD-2026-5337

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal AT Internet Piano Analytics allows Cross-Site Scripting XSS.This issue affects AT Internet Piano Analytics: from 0.0.0 before 1.0.1, from 2.0.0 before 2.3.1...

4.8CVSS5.3AI score0.00142EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/04 1:20 p.m.5 views

CVE-2025-8589

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in AKCE Software Technology R Industry and Trade Inc. SKSPro allows Reflected XSS.This issue affects SKSPro: through 07012026...

7.6CVSS5.3AI score0.00258EPSS
Exploits0References1
NVD
NVD
added 2026/02/04 8:16 a.m.8 views

CVE-2026-1819

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Karel Electronics Industry and Trade Inc. ViPort allows Stored XSS. This issue affects ViPort: through 23012026...

8.8CVSS0.00322EPSS
Exploits0References2
Rows per page
Query Builder