Lucene search
K

4 matches found

NVD
NVD
added 2026/04/07 6:16 p.m.2 views

CVE-2026-39323

Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-39326. Reason: This candidate is a duplicate of CVE-2026-39326. Notes: All CVE users should reference CVE-2026-39326 instead of this candidate. All references and descriptions in this candidate have been removed to...

0.0003EPSS
Exploits0
EUVD
EUVD
added 2026/02/03 6:10 p.m.8 views

EUVD-2026-5186

Craft Commerce is an ecommerce platform for Craft CMS. In versions from 4.0.0-RC1 to 4.10.0 and from 5.0.0 to 5.5.1, a stored XSS vulnerability in Craft Commerce allows attackers to execute malicious JavaScript in an administrator’s browser. This occurs because the Shipping Zone Name & Descriptio...

6.1CVSS5.4AI score0.00261EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/02/02 10:51 p.m.7 views

Craft Commerce has Stored XSS in Tax Categories (Name & Description) Fields Leading to Potential Privilege Escalation

Summary A stored XSS vulnerability in Craft Commerce allows attackers to execute malicious JavaScript in an administrator’s browser. This occurs because the Tax Categories Name & Description fields in the Store Management section are not properly sanitized before being displayed in the admin pane...

6.1CVSS5.7AI score0.00261EPSS
Exploits1References6Affected Software1
CNNVD
CNNVD
added 2022/05/17 12:0 a.m.4 views

Jenkins Promoted Builds (Simple) Plugin 跨站脚本漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.A cross-site scripting vulnerability exist...

5.4CVSS5.4AI score0.00715EPSS
Exploits0References3
Rows per page
Query Builder