Mediawiki GlobalBlocking Extension 安全漏洞

Mediawiki GlobalBlocking Extension is an extension of the Wikimedia Foundation USA. A security vulnerability exists in Mediawiki GlobalBlocking Extension versions 1.43 and 1.44, which stems from improper input neutralization and could lead to a stored cross-site scripting attack...

MediaWiki - LastModified Extension 安全漏洞

Mediawiki - LastModified Extension is a MediaWiki extension for displaying the last modified time of a page. Mediawiki - LastModified Extension suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which...

MediaWiki - PageForms extension 安全漏洞

MediaWiki - PageForms extension is an open source page editing plugin for MediaWiki. A security vulnerability exists in MediaWiki - PageForms extension version 1.44, which stems from improper input neutralization and could lead to a stored cross-site scripting attack...

CVE-2025-48087

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jason C. Memberlite Shortcodes memberlite-shortcodes allows Stored XSS.This issue affects Memberlite Shortcodes: from n/a through 1.4.1...

CVE-2025-62662

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in The Wikimedia Foundation Mediawiki - AdvancedSearch Extension allows Stored XSS.This issue affects Mediawiki - AdvancedSearch Extension: from master before 1.39...

Mediawiki - Skin:BlueSky 安全漏洞

Mediawiki - Skin:BlueSky is an open source appearance plugin for Mediawiki. A security vulnerability exists in Mediawiki - Skin:BlueSky versions prior to 1.39, which stems from improper input neutralization and could lead to a stored cross-site scripting attack...

Mediawiki - GrowthExperiments Extension 安全漏洞

Mediawiki - GrowthExperiments Extension is an extension to MediaWiki designed to increase new user engagement and the quality of content contributions through a task system, a recommendation mechanism and a mentor feature. A cross-site scripting vulnerability exists in Mediawiki - GrowthExperimen...

Mediawiki - FlexDiagrams Extension 安全漏洞

Mediawiki - FlexDiagrams Extension is an extension to MediaWiki for embedding and displaying diagrams or flowcharts in wiki pages. Mediawiki - FlexDiagrams Extension suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of...

CVE-2025-62654 Stored XSS through system messages in QuizGame

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in The Wikimedia Foundation MediaWiki QuizGame extension allows Stored XSS.This issue affects MediaWiki QuizGame extension: 1.39, 1.43, 1.44...

CVE-2025-8459

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Centreon Infra Monitoring Monitoring recurrent downtime scheduler modules allows Stored XSS.This issue affects Infra Monitoring: from 24.10.0 before 24.10.13, from 24.04.0 before 24.04.18,...

CVE-2025-58324

An improper neutralization of input during web page generation vulnerability CWE-79 in FortiSIEM 7.2.0 through 7.2.2, 7.1 all versions, 7.0 all versions, 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions may allow an authenticated attacker ...

CVE-2025-58324

An improper neutralization of input during web page generation vulnerability CWE-79 in FortiSIEM 7.2.0 through 7.2.2, 7.1 all versions, 7.0 all versions, 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions may allow an authenticated attacker ...

CVE-2025-58324

An improper neutralization of input during web page generation vulnerability CWE-79 in FortiSIEM 7.2.0 through 7.2.2, 7.1 all versions, 7.0 all versions, 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions may allow an authenticated attacker ...

BIT-KIBANA-2025-25018 Kibana Stored Cross-Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation in Kibana can lead to stored Cross-Site Scripting XSS...

BIT-ELK-2025-25018 Kibana Stored Cross-Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation in Kibana can lead to stored Cross-Site Scripting XSS...

BIT-ELK-2025-25017 Kibana Stored Cross-Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation in Kibana can lead to Cross-Site Scripting XSS...

Fortinet FortiSIEM 跨站脚本漏洞

Fortinet FortiSIEM is a security information and event management system from Fortinet, Inc. The system includes features such as asset discovery, workflow automation, and unified management. A cross-site scripting vulnerability exists in Fortinet FortiSIEM that stems from improper input...

Centreon 安全漏洞

Centreon is a set of open source system monitoring tools from the French company Centreon . The product provides monitoring capabilities for resources such as networks, systems and applications. A security vulnerability exists in Centreon versions 24.10.0 through 24.10.13, 24.04.0 through 24.04.1...

CVE-2025-9550 Facets - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-100

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Facets allows Cross-Site Scripting XSS.This issue affects Facets: from 0.0.0 before 2.0.10, from 3.0.0 before 3.0.1...

CVE-2025-4615

An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands. The security risk posed by this issue is significantly minimized when CLI...