Lucene search
K

343 matches found

CVE
CVE
added 2025/04/23 6:15 a.m.109 views

CVE-2025-0618

CVE-2025-0618 affects Trellix Endpoint Security (HX) Server versions 10.0.2 and earlier. A specially crafted tamper protection event can trigger an unhandled exception in the HX service, causing a persistent denial of service that prevents processing of any further tamper protection events, even ...

6.5CVSS7AI score0.00574EPSS
Exploits0References1
Drupal
Drupal
added 2025/04/02 12:0 a.m.24 views

TacJS - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-027

This module enables sites to comply with the European cookie law using tarteaucitron.js. The module doesn't sufficiently filter user-supplied markup inside of content leading to a persistent Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker needs...

4.8CVSS6AI score0.00307EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/22 3:21 p.m.9 views

CVE-2023-6452

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Forcepoint Web Security Transaction Viewer allows Stored XSS. The Forcepoint Web Security portal allows administrators to generate detailed reports on user requests made through the Web proxy. It h...

9.6CVSS6AI score0.00396EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2024/06/14 12:0 a.m.338 views

Carbon Forum 5.9.0 - Stored XSS

Exploit Title: Persistent XSS in Carbon Forum 5.9.0 Stored Date: 06/12/2024 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.94cb.com/ Software Link: https://github.com/lincanbin/Carbon-Forum Version: 5.9.0 Tested on: Windows XP CVE: N/A Vulnerability Details A persistent stored XSS...

7.4AI score
Exploits0
Prion
Prion
added 2023/08/03 11:15 p.m.27 views

Cross site scripting

A Persistent XSS vulnerability can be carried out in a certain field of Unica Campaign. An attacker could hijack a user's session and perform other attacks...

5.8CVSS6AI score0.00331EPSS
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2023/07/26 12:0 a.m.278 views

ETSI WEBstore 2023 Cross Site Scripting

Document Title: =============== ETSI WEBstore 2023 - Persistent Cross Site Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2327 Release Date: ============= 2023-07-26 Vulnerability Laboratory ID VL-ID: ====================================...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/19 12:0 a.m.259 views

Tiva Events Calender 1.4 Cross Site Scripting

Document Title: =============== Tiva Events Calender v1.4 - Cross Site Scripting Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2276 Release Date: ============= 2023-07-05 Vulnerability Laboratory ID VL-ID:...

7.1AI score
Exploits0
OSV
OSV
added 2022/12/19 5:15 p.m.5 views

CVE-2022-40435

Employee Performance Evaluation System v1.0 was discovered to contain a persistent cross-site scripting XSS vulnerability via adding new entries under the Departments and Designations module...

4.8CVSS5.7AI score0.00573EPSS
Exploits1References3
Prion
Prion
added 2022/12/19 5:15 p.m.12 views

Cross site scripting

Employee Performance Evaluation System v1.0 was discovered to contain a persistent cross-site scripting XSS vulnerability via adding new entries under the Departments and Designations module...

4.3CVSS5AI score0.00573EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/10/14 3:16 p.m.2 views

CVE-2022-42069

Online Birth Certificate Management System version 1.0 suffers from a persistent Cross Site Scripting XSS vulnerability...

5.4CVSS5.8AI score0.00316EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/09/12 12:0 a.m.6 views

Hotel Management System 跨站脚本漏洞

Hotel Management System is a hotel management system based MIS project by Prem Chand Saini, an individual developer in India. A security vulnerability exists in Hotel Management System version 1.0, which stems from multiple persistent cross-site scripting XSS vulnerabilities in index.php. An...

5.4CVSS5.6AI score0.00598EPSS
Exploits1References3
Prion
Prion
added 2022/08/01 5:15 p.m.11 views

Cross site scripting

Shopware is an open source e-commerce software. In versions from 5.7.0 a persistent cross site scripting XSS vulnerability exists in the customer module. Users are recommend to update to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater or directly via th...

4.9CVSS5.2AI score0.00517EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2022/07/22 12:0 a.m.3 views

WordPress plugin wpWax Team 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.4CVSS5.4AI score0.00457EPSS
Exploits0References4
Prion
Prion
added 2022/07/14 8:15 p.m.14 views

Cross site scripting

Fast Food Ordering System v1.0 was discovered to contain a persistent cross-site scripting XSS vulnerability via the component /ffos/classes/Master.php?f=savecategory...

3.5CVSS5.3AI score0.00453EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/05/11 6:15 p.m.3 views

CVE-2021-31330

A Cross-Site Scripting XSS vulnerability exists within Review Board versions 3.0.20 and 4.0 RC1 and earlier. An authenticated attacker may inject malicious Javascript code when using Markdown editing within the application which remains persistent...

5.4CVSS5.8AI score0.00765EPSS
Exploits1References4
Prion
Prion
added 2022/05/11 6:15 p.m.17 views

Cross site scripting

A Cross-Site Scripting XSS vulnerability exists within Review Board versions 3.0.20 and 4.0 RC1 and earlier. An authenticated attacker may inject malicious Javascript code when using Markdown editing within the application which remains persistent...

3.5CVSS5.2AI score0.00765EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2022/01/13 2:10 p.m.20 views

CVE-2021-23824 Content Injection

This affects the package Crow before 0.3+4. When using attributes without quotes in the template, an attacker can manipulate the input to introduce additional attributes, potentially executing code. This may lead to a Cross-site Scripting XSS vulnerability, assuming an attacker can influence the...

6.5CVSS6.2AI score0.00921EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/12/03 12:0 a.m.3 views

Kentico 跨站脚本漏洞

Kentico is an ASP.NET-based content management system CMS from Kentico, Inc. A security vulnerability exists in Kentico Xperience CMS, which stems from the fact that Kentico Xperience CMS version 13.0 13.0.43 is prone to a persistent cross-site scripting XSS vulnerability also known as stored or...

6.8CVSS5.3AI score0.00545EPSS
Exploits1References2
Prion
Prion
added 2021/10/19 7:15 p.m.18 views

Cross site scripting

A persistent cross-site scripting XSS vulnerability in the captive portal graphical user interface of Juniper Networks Junos OS may allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a web administration session, possibly tricking a...

3.5CVSS5.2AI score0.00781EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2021/03/25 12:0 a.m.5 views

PT-2026-3809

Name of the Vulnerable Software and Affected Versions Moodle versions prior to 3.10.4 Description A security issue exists in Moodle related to insufficient protection of the web page structure within the calendar event subtitle field. Successful exploitation of this issue could allow a remote...

7.2CVSS6AI score0.00309EPSS
Exploits1References8
Rows per page
Query Builder