Lucene search
K

10789 matches found

Nuclei
Nuclei
added 10 hours ago57 views

Citrix ADC/Gateway - Cross-Site Scripting

Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 contain a cross-site scripting vulnerability due to improper input validation. id: CVE-2020-8191 info: name: Citrix...

6.1CVSS6.6AI score0.22941EPSS
Exploits0References5
NVD
NVD
added yesterday6 views

CVE-2026-57780

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Plugin Envision Envision Page Builder envision-page-builder allows DOM-Based XSS.This issue affects Envision Page Builder: from n/a through = 0.22...

6.5CVSS0.00218EPSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-57732

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Opt-In Builder td-subscription allows DOM-Based XSS.This issue affects tagDiv Opt-In Builder: from n/a through = 1.7.4...

7.1CVSS0.00251EPSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-57725

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeum Kirki kirki allows Stored XSS.This issue affects Kirki: from n/a through = 6.0.11...

7.1CVSS0.00251EPSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-57364

Improper Validation of Specified Quantity in Input vulnerability in WPDeveloper Better Payment – Instant Payments, Donations, Fundraising with Subscriptions & More better-payment allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Better Payment – Instant Payments,...

6.5CVSS0.00351EPSS
Exploits0References1
CVE
CVE
added yesterday6 views

CVE-2026-57382

CVE-2026-57382 is a reflected XSS vulnerability in the WordPress plugin Simple File List (version range: affected up to 6.3.8). The issue arises in the plugin’s web page generation and input handling, enabling a reflected cross-site scripting payload. CVSSv3.1 metrics indicate Network attack vect...

7.1CVSS6.1AI score0.00251EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added yesterday4 views

PT-2026-57700

Name of the Vulnerable Software and Affected Versions Themefic Hydra Booking versions prior to 1.1.45 Description Stored Cross-site Scripting XSS occurs due to improper neutralization of input during web page generation. This allows an attacker to inject malicious scripts that are stored on the...

7.1CVSS6.1AI score0.00251EPSS
Exploits0References3
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-43073

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Colorbox allows Cross-Site Scripting XSS. This issue affects Colorbox versions: from 0.0.0 to 2.1.5, from 0.0.0 to 2.2.0...

6.1AI score0.00204EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-43070

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal Canvas allows Cross-Site Scripting XSS. This issue affects Drupal Canvas versions: from 0.0.0 to 1.4.2, from 1.5.0 to 1.5.2, from 1.6.0 to 1.6.1, from 1.7.0 to 1.7.1...

6.1AI score0.00204EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago8 views

EUVD-2026-43077

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Siteimprove Analytics allows Cross-Site Scripting XSS. This issue affects Siteimprove Analytics versions: from 0.0.0 to 2.0.1...

6.1AI score0.00186EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-43085

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal core allows Cross-Site Scripting XSS. This issue affects Drupal core versions: from 0.0.0 to 10.5.12, from 10.6.0 to 10.6.11, from 11.2.0 to 11.2.14, from 11.3.0 to 11.3.12, from 0.0....

6.1AI score0.0015EPSS
Exploits0References2
NVD
NVD
added 4 days ago6 views

CVE-2026-58587

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal Canvas allows Cross-Site Scripting XSS. This issue affects Drupal Canvas versions: from 0.0.0 to 1.4.2, from 1.5.0 to 1.5.2, from 1.6.0 to 1.6.1, from 1.7.0 to 1.7.1...

6.1CVSS0.00204EPSS
Exploits0References1
NVD
NVD
added 4 days ago5 views

CVE-2026-15082

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Siteimprove Analytics allows Cross-Site Scripting XSS. This issue affects Siteimprove Analytics versions: from 0.0.0 to 2.0.1...

5.4CVSS0.00186EPSS
Exploits0References1
CVE
CVE
added 4 days ago449 views

CVE-2026-55808

CVE-2026-55808 is a Drupal core XSS vulnerability caused by improper input neutralization during web page generation. Affects Drupal core versions including 10.5.x before 10.5.12, 10.6.x before 10.6.11, 11.2.x before 11.2.14, 11.3.x before 11.3.12, and earlier 11.0./11.1. ranges. The issue arises...

5.4CVSS6.1AI score0.0015EPSS
Exploits0References1
OSV
OSV
added 4 days ago2 views

CVE-2026-55808 Drupal core - Moderately critical - Improper validation - SA-CORE-2026-009

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal core allows Cross-Site Scripting XSS. This issue affects Drupal core versions: from 0.0.0 to 10.5.12, from 10.6.0 to 10.6.11, from 11.2.0 to 11.2.14, from 11.3.0 to 11.3.12, from 0.0....

5.4CVSS6.1AI score0.0015EPSS
Exploits0References5
Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-55808 Drupal core - Moderately critical - Improper validation - SA-CORE-2026-009

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal core allows Cross-Site Scripting XSS. This issue affects Drupal core versions: from 0.0.0 to 10.5.12, from 10.6.0 to 10.6.11, from 11.2.0 to 11.2.14, from 11.3.0 to 11.3.12, from 0.0....

0.0015EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-58588 Drupal Canvas - Moderately critical - Improper validation - SA-CONTRIB-2026-066

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal Canvas allows Cross-Site Scripting XSS. This issue affects Drupal Canvas versions: from 0.0.0 to 1.4.2, from 1.5.0 to 1.5.2, from 1.6.0 to 1.6.1, from 1.7.0 to 1.7.1...

0.00204EPSS
Exploits0References1
OSV
OSV
added 4 days ago2 views

CVE-2026-58588 Drupal Canvas - Moderately critical - Improper validation - SA-CONTRIB-2026-066

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal Canvas allows Cross-Site Scripting XSS. This issue affects Drupal Canvas versions: from 0.0.0 to 1.4.2, from 1.5.0 to 1.5.2, from 1.6.0 to 1.6.1, from 1.7.0 to 1.7.1...

6.1CVSS6.1AI score0.00204EPSS
Exploits0References5
Cvelist
Cvelist
added 4 days ago32 views

CVE-2026-58587 Drupal Canvas - Moderately critical - Improper validation - SA-CONTRIB-2026-065

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal Canvas allows Cross-Site Scripting XSS. This issue affects Drupal Canvas versions: from 0.0.0 to 1.4.2, from 1.5.0 to 1.5.2, from 1.6.0 to 1.6.1, from 1.7.0 to 1.7.1...

0.00204EPSS
Exploits0References1
NVD
NVD
added 4 days ago4 views

CVE-2026-3251

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Webremium Istanbul Web Design Mezunum Satiyorum allows Stored XSS. This issue affects Mezunum Satiyorum: from 1.2.504 through 10072026. NOTE: The vendor was contacted early about this disclosure bu...

6.4CVSS0.00148EPSS
Exploits0References1
Rows per page
Query Builder