Lucene search
K

5661 matches found

Positive Technologies
Positive Technologies
added 2021/12/17 12:0 a.m.3 views

PT-2021-23274 · Unknown · Livehelperchat

Name of the Vulnerable Software and Affected Versions: livehelperchat affected versions not specified Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This means that the software does not properly neutralize use...

7.3CVSS6AI score0.00634EPSS
Exploits1References9
Github Security Blog
Github Security Blog
added 2021/12/16 2:27 p.m.25 views

pimcore is vulnerable to Cross-site Scripting

pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

6.1CVSS1.9AI score0.00755EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/12/16 2:15 p.m.6 views

CVE-2021-4124

janus-gateway is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

8.1CVSS6.8AI score0.00942EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2021/12/16 8:15 a.m.6 views

CVE-2021-4121

yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

6.4CVSS6.5AI score0.00764EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2021/12/16 12:0 a.m.1 views

PT-2021-23206 · Unknown +2 · Janus-Gateway +2

Name of the Vulnerable Software and Affected Versions: janus-gateway affected versions not specified Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This means that the software fails to properly neutralize user...

8.8CVSS8.1AI score0.00942EPSS
Exploits2References18
ATTACKERKB
ATTACKERKB
added 2021/12/14 8:15 p.m.5 views

CVE-2021-4108

snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

6.4CVSS6.5AI score0.00764EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2021/12/14 3:15 p.m.5 views

CVE-2021-4107

yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

6.1CVSS5.9AI score0.00782EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2021/12/10 12:15 p.m.5 views

CVE-2021-4084

pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

7.4CVSS6.8AI score0.0156EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2021/12/10 11:15 a.m.5 views

CVE-2021-4081

pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

6.1CVSS5.9AI score0.00755EPSS
Exploits1References3
Prion
Prion
added 2021/12/08 2:15 p.m.17 views

Cross site scripting

A improper neutralization of input during web page generation 'cross-site scripting' in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to execute unauthorized code or commands via crafted HTTP GET requests to the login webpage...

4.3CVSS6.6AI score0.00885EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2021/12/08 1:15 p.m.28 views

CVE-2021-41015

A improper neutralization of input during web page generation 'cross-site scripting' in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests to SAML login handler...

6.1CVSS0.00823EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/12/08 11:29 a.m.16 views

CVE-2021-41029

A improper neutralization of input during web page generation 'cross-site scripting' in Fortinet FortiWLM version 8.6.1 and below allows attacker to store malicious javascript code in the device and trigger it via crafted HTTP requests...

6.4CVSS6.7AI score0.00515EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2021/12/08 11:15 a.m.5 views

CVE-2021-4050

livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

6.1CVSS6.3AI score0.0085EPSS
Exploits1References3
PyPA
PyPA
added 2021/12/01 11:15 a.m.3 views

PYSEC-2021-438

django-helpdesk is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

9.6CVSS6.7AI score0.01354EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/12/01 10:15 a.m.5 views

CVE-2021-4018

snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

6.3CVSS6.2AI score0.00635EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2021/11/27 10:15 a.m.8 views

CVE-2021-4020

janus-gateway is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

8.8CVSS6.7AI score0.00818EPSS
Exploits1References3
OSV
OSV
added 2021/11/27 10:15 a.m.4 views

DEBIAN-CVE-2021-4020

janus-gateway is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

5.4CVSS6.7AI score0.00818EPSS
Exploits1References1
OSV
OSV
added 2021/11/27 10:15 a.m.4 views

CVE-2021-4020

janus-gateway is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

5.4CVSS6.6AI score
Exploits0References2
NVD
NVD
added 2021/11/13 9:15 a.m.13 views

CVE-2021-3945

django-helpdesk is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

8.8CVSS0.0098EPSS
Exploits1References2
NVD
NVD
added 2021/11/02 6:15 p.m.20 views

CVE-2020-15940

An improper neutralization of input vulnerability CWE-79 in FortiClientEMS versions 6.4.1 and below and 6.2.9 and below may allow a remote authenticated attacker to inject malicious script/tags via the name parameter of various sections of the server...

5.4CVSS0.00711EPSS
Exploits0References1
Rows per page
Query Builder