5651 matches found
CVE-2025-70033
An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4...
CVE-2025-70060
An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in YMFE yapi v1.12.0...
CVE-2025-70060
The CVE-2025-70060 entry concerns YMFE yapi v1.12.0 with a CWE-79 weakness (Improper Neutralization of Input During Web Page Generation). The connected sources consistently identify this as a input handling flaw in the web page generation process for YMFE yapi, without detailing exploited vectors...
PT-2026-24080
Name of the Vulnerable Software and Affected Versions YMFE yapi version 1.12.0 Description An issue exists due to improper neutralization of input during web page generation. This allows for potential cross-site scripting XSS attacks. The issue is related to CWE-79. Recommendations At the moment,...
CVE-2025-70038
CVE-2025-70038 affects linagora Twake v2023.Q1.1223. The issue is CWE-79 (Improper Neutralization of Input During Web Page Generation) enabling arbitrary code execution. Reported across multiple feeds (Red Hat, NVD, CIRCL, ENISA EUVD) with CVSSv3.1 base score 8.8 ( HIGH; AV:N/AC:L/PR:N/UI:R/S:U/C...
CVE-2025-70060
An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in YMFE yapi v1.12.0...
CVE-2025-70038
An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in linagora Twake v2023.Q1.1223. This allows attackers to execute arbitrary code...
CVE-2025-70060
An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in YMFE yapi v1.12.0...
PT-2026-24087
Name of the Vulnerable Software and Affected Versions linagora Twake version 2023.Q1.1223 Description An issue exists due to improper neutralization of input during web page generation, which allows attackers to execute arbitrary code. This is a Cross-Site Scripting XSS issue. Recommendations At...
CVE-2025-70033
An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4...
CVE-2025-70060
An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in YMFE yapi v1.12.0...
PT-2026-24096
An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4...
CVE-2025-70033
CVE-2025-70033 affects Sunbird-Ed SunbirdEd-portal v1.13.4. The issue is CWE-79: Improper Neutralization of Input During Web Page Generation in Sunbird-Ed’s portal. CVSSv3.1 base: 5.4 (MEDIUM) with Network attack vector, Low confidentiality and integrity impact, no availability impact; user inter...
CVE-2026-28126
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sizam RH Frontend Publishing Pro rh-frontend allows Reflected XSS.This issue affects RH Frontend Publishing Pro: from n/a through 4.3.4...
CVE-2026-22438
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in foreverpinetree TheBi thebi allows Reflected XSS.This issue affects TheBi: from n/a through = 1.0.5...
EUVD-2026-9782
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AndonDesign UDesign u-design allows Reflected XSS.This issue affects UDesign: from n/a through = 4.14.0...
EUVD-2026-9779
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e-plugins Lawyer Directory lawyer-directory allows Reflected XSS.This issue affects Lawyer Directory: from n/a through = 1.3.2...
EUVD-2026-9758
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup LBG Zoominoutslider lbgzoominoutslider allows Reflected XSS.This issue affects LBG Zoominoutslider: from n/a through = 5.4.5...
CVE-2026-28099
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup UberSlider Ultra uberSliderultra allows Reflected XSS.This issue affects UberSlider Ultra: from n/a through = 2.3...
CVE-2026-28103
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup LBG Zoominoutslider lbgzoominoutslider allows Reflected XSS.This issue affects LBG Zoominoutslider: from n/a through = 5.4.5...