Lucene search
K

857 matches found

EUVD
EUVD
added 2 days ago6 views

EUVD-2026-43070

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal Canvas allows Cross-Site Scripting XSS. This issue affects Drupal Canvas versions: from 0.0.0 to 1.4.2, from 1.5.0 to 1.5.2, from 1.6.0 to 1.6.1, from 1.7.0 to 1.7.1...

6.1AI score0.00204EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-43073

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Colorbox allows Cross-Site Scripting XSS. This issue affects Colorbox versions: from 0.0.0 to 2.1.5, from 0.0.0 to 2.2.0...

6.1AI score0.00204EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-43085

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal core allows Cross-Site Scripting XSS. This issue affects Drupal core versions: from 0.0.0 to 10.5.12, from 10.6.0 to 10.6.11, from 11.2.0 to 11.2.14, from 11.3.0 to 11.3.12, from 0.0....

6.1AI score0.0015EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 5 days ago5 views

PT-2026-56411

Name of the Vulnerable Software and Affected Versions Mediküm Web versions through 08072026 Description Improper neutralization of input during web page generation allows Reflected Cross-Site Scripting XSS, a flaw where malicious scripts are reflected off a web application to the victim's browser...

6.1CVSS6.1AI score0.00149EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/07/01 3:4 p.m.6 views

CVE-2026-58038

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation timeline. This vulnerability is associated with program files includes/Timeline.Php, scripts/EasyTimeline.Pl. This issue affects timeline: from before 1.46.0, 1.45.4,...

5.8AI score0.00143EPSS
Exploits0References2
CVE
CVE
added 2026/06/19 3:53 p.m.18 views

CVE-2026-12621

GridTime 3000 GNSS Time Server Password Reset form is vulnerable to XSS due to improper neutralization of input during web page generation. Affected from 1.0r0.03 up to, but not including, 1.2r0.0. Base CVSS v4 score is 5.3 (Medium). No exploitation details are provided in the documents; no remed...

5.4CVSS5.8AI score0.00136EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/18 10:43 a.m.9 views

EUVD-2026-37873

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bricksable for Bricks Builder allows Stored XSS. This issue affects Bricksable for Bricks Builder: from n/a through 1.6.83...

5.9CVSS5.3AI score0.0014EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 12:31 a.m.10 views

EUVD-2026-36361

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in iova.Mihai SliceWP allows Stored XSS. This issue affects SliceWP: from n/a through 1.2.6...

7.1CVSS5.4AI score0.00142EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/10 9:2 p.m.10 views

CVE-2026-45501

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...

6.5CVSS5.4AI score0.00308EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 6:30 p.m.13 views

EUVD-2026-35511

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

4.6CVSS7.1AI score0.00505EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.11 views

Microsoft SharePoint Server Spoofing Vulnerability

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

5.4CVSS7AI score0.00505EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.23 views

PT-2026-47955

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

4.6CVSS7.1AI score0.00505EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.13 views

PT-2026-48029

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...

8.1CVSS5.4AI score0.00353EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:43 p.m.10 views

CVE-2026-8493

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Colorbox Inline allows Cross-Site Scripting XSS. This issue affects Colorbox Inline: from 0.0.0 before 2.1.1...

5.4CVSS5.4AI score0.00177EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.10 views

CVE-2026-39840

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows XSS Targeting Non-Script Elements.This issue affects Mediawiki - Cargo Extension: before 3.8.7...

6.1CVSS5.4AI score0.00158EPSS
Exploits1References1
Veracode
Veracode
added 2026/06/03 9:56 a.m.12 views

Cross-Site Scripting (XSS)

drupal/googletag is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper neutralization of user-supplied input during web page generation, which allows an attacker to inject and execute malicious scripts in a victim's browser through crafted input...

4.8CVSS5.5AI score0.00218EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/02 10:43 a.m.10 views

EUVD-2026-33910

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ahmad WP Job Portal allows Reflected XSS. This issue affects WP Job Portal: from n/a through 2.5.1...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/02 9:40 a.m.11 views

EUVD-2025-210033

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in UnboundStudio Accordion FAQ allows Reflected XSS. This issue affects Accordion FAQ: from n/a through 2.2.1...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/28 7:40 p.m.14 views

EUVD-2026-33012

Improper Neutralization of Input During Web Page Generation CWE-79 in Kibana can lead to stored HTML injection. A user with write access to an Elasticsearch index could persist crafted markup which, when subsequently rendered through an affected Kibana view by another user, was not sufficiently...

4.1CVSS5.8AI score0.00141EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 9:49 a.m.13 views

CVE-2026-42734

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dylan Kuhn Geo Mashup geo-mashup allows Reflected XSS.This issue affects Geo Mashup: from n/a through = 1.13.19...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References2
Rows per page
Query Builder