Cross-Site Scripting (XSS)

github.com/golang/net is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly escape user input in text nodes outside the HTML namespace, allowing an attacker to inject and execute malicious JavaScript on a victim's browser...

DRUPAL-CONTRIB-2023-033

This module enables you to add the Matomo web statistics tracking system to your website. The module does not check the Matomo JS code loaded on the website. So a user could configure the module to load JS from a malicious website. This vulnerability is mitigated by the fact that an attacker must...

Stored Cross-site Scripting (XSS)

phpmyfaq is vulnerable to Cross-site Scripting. The vulnerability exists due to a lack of validation in the user input of Link.php, which allows an attacker to inject and execute malicious Javascript into the browser...

Cross-site Scripting (XSS)

jenkins-core is vulnerable to Cross-site Scripting XSS. The vulnerability exists because the addHyperlink function of AbstractMarkupText.java which does not properly escape the URLs before being rendered, allowing an attacker to inject and execute malicious JavaScript...

Cross-Site Scripting (XSS)

org.apache.felix: org.apache.felix.healthcheck.webconsoleplugin is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly escape user inputs during web page generation, allowing an attacker to inject and execute malicious javascript in the victim's browser...

Cross-site Scripting (XSS)

copyparty is vulnerable to Cross-site Scripting XSS. The vulnerability exists because the txsvcs function of httpcli.py does not properly escape malicious characters, which allows an attacker to inject and execute malicious javascript by providing a malicious URL containing ?hc= with somewhere in...

Cross Site Scripting (XSS)

gitlab is vulnerable to Cross-site Scripting XSS. The vulnerability occurs when viewing a XML file in the repository in 'raw' mode which could be rendered as HTML in certain conditions, which allows an authenticated attacker to inject and execute malicious javascript on victim's browser...

Cross-site Scripting (XSS)

gitlab is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to the lack of sanitization in the external status checks of the library, allowing an attacker to inject and execute malicious javascript...

copyparty vulnerable to reflected cross-site scripting via hc parameter

Summary The application contains a reflected cross-site scripting via URL-parameter ?hc=... Details A reflected cross-site scripting XSS vulnerability exists in the web interface of the application that could allow an attacker to execute malicious javascript code by tricking users into accessing ...

PT-2023-33011 · Copyparty · Copyparty

Name of the Vulnerable Software and Affected Versions: copyparty affected versions not specified Description: A reflected cross-site scripting vulnerability exists in the web interface of the application, allowing an attacker to execute malicious javascript code by tricking users into accessing a...

Cross-site Scripting (XSS)

clevertap-cordova is vulnerable to Cross-site Scripting XSS. The vulnerability exists because the library does not properly validate the data from the deep links, allowing an attacker to inject and execute malicious javascript...

Cross-Site Scripting (XSS)

webmention.js is vulnerable to Cross-Site Scripting XSS attacks. The vulnerability is due to improper sanitization of the comments parameter in the formatComments function, allowing an attacker to inject and execute malicious JavaScript in a victim's browser...

CVE-2023-31705

A Reflected Cross-site scripting XSS vulnerability in Sourcecodester Task Reminder System 1.0 allows an authenticated user to inject malicious javascript into the page parameter...

CVE-2023-31705

A Reflected Cross-site scripting XSS vulnerability in Sourcecodester Task Reminder System 1.0 allows an authenticated user to inject malicious javascript into the page parameter...

Cross site scripting

A Reflected Cross-site scripting XSS vulnerability in Sourcecodester Task Reminder System 1.0 allows an authenticated user to inject malicious javascript into the page parameter...

CVE-2023-31705

A Reflected Cross-site scripting XSS vulnerability in Sourcecodester Task Reminder System 1.0 allows an authenticated user to inject malicious javascript into the page parameter...

Cross-Site Scripting (XSS)

github.com/mlogclub/bbs-go is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly escape the special characters before it output to the front end, allowing an attacker to inject and execute malicious javascript on victim's browser via a crafted payload to the comment...

Siemens RUGGEDCOM ROX cross-site scripting vulnerability (CNVD-2023-55710)

RUGGEDCOM products offer a degree of robustness and reliability that sets the standard for communication networks deployed in harsh environments. A cross-site scripting vulnerability exists in Siemens RUGGEDCOM ROX, which can be exploited by attackers to execute malicious javascript code by...

CVE-2023-36389

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.0, RUGGEDCOM ROX MX5000RE All versions V2.16.0, RUGGEDCOM ROX RX1400 All versions V2.16.0, RUGGEDCOM ROX RX1500 All versions V2.16.0, RUGGEDCOM ROX RX1501 All versions V2.16.0, RUGGEDCOM ROX RX1510 All versions V2.16.0...

CVE-2023-36386

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.0, RUGGEDCOM ROX MX5000RE All versions V2.16.0, RUGGEDCOM ROX RX1400 All versions V2.16.0, RUGGEDCOM ROX RX1500 All versions V2.16.0, RUGGEDCOM ROX RX1501 All versions V2.16.0, RUGGEDCOM ROX RX1510 All versions V2.16.0...