52 matches found
PT-2025-48961
Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.0.2 Splunk Enterprise versions 9.2.10 through 9.4.6 Splunk Enterprise versions 9.3.8 Splunk Secure Gateway app versions below 3.7.28 Splunk Secure Gateway app versions 3.8.58 and below Splunk Secure Gatew...
Splunk Enterprise 9.2 < 9.2.10, 9.3 < 9.3.8, 9.4 < 9.4.6, 10.0 < 10.0.2 (SVD-2025-1208)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-1208 advisory. - In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and versions below 3.9.10, 3.8.58 and 3.7.28 of the...
EUVD-2021-11252
Malware in sbrugna...
EUVD-2021-11251
Malware in sbrugna...
CVE-2024-44771
BigId PrivacyPortal v179 is vulnerable to Cross Site Scripting XSS via the "Label" field in the Report template function...
CVE-2023-47095
A Stored Cross-Site Scripting XSS vulnerability in the Custom fields of Edit Virtual Server under System Customization in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Batch Label field while details of Virtual Server...
CVE-2021-24339
The Pods – Custom Content Types and Fields WordPress plugin before 2.7.27 was vulnerable to an Authenticated Stored Cross-Site Scripting XSS security vulnerability within the 'Menu Label' field parameter...
CVE-2014-3841
Cross-site scripting XSS vulnerability in the Contact Bank plugin before 2.0.20 for WordPress allows remote attackers to inject arbitrary web script or HTML via the Label field, related to form layout configuration. NOTE: some of these details are obtained from third party information...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the field label or handle during the import process from JSON. An attacker can execute arbitrary scripts in the context of the interface by inserting malicious content into these fields. Note: This is only...
Improper Encoding or Escaping of Output
Overview django-tomselect is a Django autocomplete widgets and views using Tom Select Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output in form widget input, including the labelfield parameter. An attacker can hide the contents between tags in code from...
CVE-2024-44771
BigId PrivacyPortal v179 is vulnerable to Cross Site Scripting XSS via the "Label" field in the Report template function...
BigId PrivacyPortal 安全漏洞
BigId PrivacyPortal is a data security and privacy tool from BigId, Inc. A security vulnerability exists in BigId PrivacyPortal version v179 that stems from a cross-site scripting XSS attack on the Label field in the Report Template feature...
WordPress plugin Contact Form 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...
CVE-2023-5530
The Ninja Forms Contact Form WordPress plugin before 3.6.34 does not sanitize and escape its label fields, which could allow high privilege users such as admin to perform Stored XSS attacks. Only users with the unfilteredhtml capability can perform this, and such users are already allowed to use ...
CVE-2023-47095
A Stored Cross-Site Scripting XSS vulnerability in the Custom fields of Edit Virtual Server under System Customization in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Batch Label field while details of Virtual Server...
CVE-2023-47095
A Stored Cross-Site Scripting XSS vulnerability in the Custom fields of Edit Virtual Server under System Customization in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Batch Label field while details of Virtual Server...
CVE-2023-47095
A Stored Cross-Site Scripting XSS vulnerability in the Custom fields of Edit Virtual Server under System Customization in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Batch Label field while details of Virtual Server...
Cross site scripting
A Stored Cross-Site Scripting XSS vulnerability in the Custom fields of Edit Virtual Server under System Customization in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Batch Label field while details of Virtual Server...
PortlandLabs Concrete CMS 跨站脚本漏洞
PortlandLabs Concrete CMS is a team-oriented open source content management system of the United States PortlandLabs company . A cross-site scripting vulnerability exists in the PortlandLabs Concrete CMS Custom Label field. The vulnerability stems from the lack of effective filtering and escaping...
Shoplazza LifeStyle 跨站脚本漏洞
Shoplazza LifeStyle is an e-commerce website by Shoplazza, Inc. A security vulnerability exists in Shoplazza LifeStyle version 1.1, which stems from cross-site scripting due to incorrect manipulation of the parameters Subheading/Heading/Text/Button Text/Label...