CVE-2023-33942

Cross-site scripting XSS vulnerability in the Web Content Display widget's article selector in Liferay Liferay Portal 7.4.3.50, and Liferay DXP 7.4 update 50 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a web content article's Title field...

CVE-2023-33938

Cross-site scripting XSS vulnerability in the App Builder module's custom object details page in Liferay Portal 7.3.0 through 7.4.0, and Liferay DXP 7.3 before update 14 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into an App Builder custom object...

CVE-2023-33790

A stored cross-site scripting XSS vulnerability in the Create Locations /dcim/locations/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...

CVE-2023-45771

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Contact Form With Captcha allows Reflected XSS.This issue affects Contact Form With Captcha: from n/a through 1.6.8...

CVE-2023-30319

Cross Site Scripting XSS vulnerability in username field in /src/chatbotapp/LoginServlet.java in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows attackers to execute arbitrary code...

CVE-2023-27439

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in glSPICE New Adman plugin = 1.6.8 versions...

CVE-2023-26954

onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the User Group module...

CVE-2023-2521

A vulnerability was found in NEXTU NEXT-7004N 3.0.1. It has been classified as problematic. Affected is an unknown function of the file /boafrm/formFilter of the component POST Request Handler. The manipulation of the argument url with the input leads to cross site scripting. It is possible to...

CVE-2023-24648

Zstore v6.6.0 was discovered to contain a cross-site scripting XSS vulnerability via the component /index.php...

CVE-2023-23812

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Joost de Valk Enhanced WP Contact Form plugin = 2.2.3 versions...

CVE-2023-1245

Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.6...

CVE-2023-32800

Unauth. Reflected Cross-Site Scripting XSS vulnerability in One Rank Math SEO PRO plugin = 3.0.35 versions...

CVE-2023-23572

Cross-site scripting vulnerability in SEIKO EPSON printers/network interface Web Config allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script. Note Web Config is the software that allows users to check the status and change the settings of SEIKO EPS...

CVE-2023-23794

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Alex Moss Semalt Blocker plugin = 1.1.3 versions...

CVE-2023-27925

Cross-site scripting vulnerability in Post function of VK Blocks 1.53.0.1 and earlier and VK Blocks Pro 1.53.0.1 and earlier allows a remote authenticated attacker to inject an arbitrary script...

CVE-2023-51532

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Icegram Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building allows Stored XSS.This issue affects Icegram Engage – WordPress Lead Generation, Popup Builder...

CVE-2023-51536

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CRM Perks CRM Perks Forms – WordPress Form Builder allows Stored XSS.This issue affects CRM Perks Forms – WordPress Form Builder: from n/a through 1.1.2...

CVE-2023-36315

There is a Cross Site Scripting XSS vulnerability in the "action" parameter of index.php in PHPJabbers Callback Widget v1.0...

CVE-2023-49745

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spiffy Plugins Spiffy Calendar allows Stored XSS.This issue affects Spiffy Calendar: from n/a through 4.9.5...

CVE-2023-5317

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.18...