Cross site scripting

Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Files - Description parameter in the Pages Menu component...

PT-2023-28792 · Opensolution · Opensolution Quick Cms

Name of the Vulnerable Software and Affected Versions: opensolution Quick CMS version 6.7 Description: A cross-site scripting XSS issue allows a local attacker to execute arbitrary code via a crafted script to the Files - Description parameter in the Pages Menu component. This enables the attacke...

CVE-2023-43877

Rite CMS 3.0 has Multiple Cross-Site scripting XSS vulnerabilities that allow attackers to execute arbitrary code via a payload crafted in the Home Page fields in the Administration menu...

CVE-2023-43877

Rite CMS 3.0 has Multiple Cross-Site scripting XSS vulnerabilities that allow attackers to execute arbitrary code via a payload crafted in the Home Page fields in the Administration menu...

Cross site scripting

Rite CMS 3.0 has Multiple Cross-Site scripting XSS vulnerabilities that allow attackers to execute arbitrary code via a payload crafted in the Home Page fields in the Administration menu...

CVE-2023-43877

Rite CMS 3.0 has Multiple Cross-Site scripting XSS vulnerabilities that allow attackers to execute arbitrary code via a payload crafted in the Home Page fields in the Administration menu...

CVE-2023-43877

Rite CMS 3.0 has Multiple Cross-Site scripting XSS vulnerabilities that allow attackers to execute arbitrary code via a payload crafted in the Home Page fields in the Administration menu...

CVE-2023-43877

CVE-2023-43877 concerns Rite CMS 3.0, where multiple Cross-Site Scripting (XSS) vulnerabilities allow an attacker to execute arbitrary code by crafting payloads in the Home Page field of the Administration menu (also referenced for related CVE-2023-43878). The Red Hat entry notes a similar issue ...

CVE-2023-44479

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Jim Krill WP Jump Menu plugin = 3.6.4 versions...

CVE-2023-44479 WordPress WP Jump Menu Plugin <= 3.6.4 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Jim Krill WP Jump Menu plugin = 3.6.4 versions...

CVE-2023-44479 WordPress WP Jump Menu Plugin <= 3.6.4 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Jim Krill WP Jump Menu plugin = 3.6.4 versions...

CVE-2023-44479

CVE-2023-44479 concerns the WP Jump Menu WordPress plugin by Jim Krill. Affected versions are

WordPress Plugin wp-jump-menu Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2023-43713

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability, which allows attackers to inject JS via the "title" parameter, in the "/admin/admin-menu/add-submit" endpoint, which can lead to unauthorized execution of scripts in a user's web browser...

CVE-2023-43713

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability, which allows attackers to inject JS via the "title" parameter, in the "/admin/admin-menu/add-submit" endpoint, which can lead to unauthorized execution of scripts in a user's web browser...

Cross site scripting

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability, which allows attackers to inject JS via the "title" parameter, in the "/admin/admin-menu/add-submit" endpoint, which can lead to unauthorized execution of scripts in a user's web browser...

CVE-2023-43713

Os Commerce CVE-2023-43713 describes a Cross-Site Scripting (XSS) vulnerability that can be triggered via the title parameter in the /admin/admin-menu/add-submit endpoint. The issue is listed as a reflected XSS (per CVE list data) with a medium CVSS3.1 base score (5.4). Affected product/version d...

WordPress WP Jump Menu Plugin <= 3.6.4 is vulnerable to Cross Site Scripting (XSS)

Software WP Jump Menu Type Plugin Vulnerable versions = 3.6.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-44479 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c0eb9f7634af Credits DoYeon Park p6rkdoye0n Required privilege...

CSRF Delete Navigation Menu Items

Description CSRF Delete Navigation Menu Items Proof of Concept 1 .Attack sends fake requests to users history.pushState'', '', '/'; document.forms0.submit; 2 .User click, deletes unwanted Navigation Menu Items Payload Poc...

CVE-2023-43879

Rite CMS 3.0 has a Cross-Site scripting XSS vulnerability that allows attackers to execute arbitrary code via a crafted payload into the Global Content Blocks in the Administration Menu...