Lucene search
K

1116640 matches found

EUVD
EUVD
added 2 hours ago2 views

EUVD-2026-40444

n8n contains a stored cross-site scripting vulnerability in the Chat Trigger node's Custom CSS field due to a misconfiguration of the sanitize-html library. Affected releases are those before 1.123.27, the 2.0.0 through 2.13.2 line, and 2.14.0 fixed in 1.123.27, 2.13.3, and 2.14.1. An authenticat...

5.4CVSS5.6AI score
Exploits0References3
EUVD
EUVD
added 2 hours ago3 views

EUVD-2026-40457

SolarWinds Database Performance Analyzer was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution...

5.6CVSS5.6AI score
Exploits0References4
EUVD
EUVD
added 2 hours ago3 views

EUVD-2026-40832

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

6AI score
Exploits0References3
EUVD
EUVD
added 2 hours ago2 views

EUVD-2026-40458

Storage Concentrator SC & SCVM is vulnerable to reflected cross-site scripting due to unsanitized content being echoed back in 404 error pages. An attacker can craft a malicious URL that, when visited by an authenticated user, causes arbitrary script content to execute within the victim's browser...

6.1CVSS5.8AI score
Exploits0References4
EUVD
EUVD
added 2 hours ago2 views

EUVD-2026-40755

Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

6AI score
Exploits0References3
EUVD
EUVD
added 2 hours ago3 views

EUVD-2026-40665

Inappropriate implementation in HTMLParser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6AI score
Exploits0References3
EUVD
EUVD
added 2 hours ago3 views

EUVD-2026-40522

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...

6AI score
Exploits0References3
EUVD
EUVD
added 2 hours ago4 views

EUVD-2026-40424

A stored cross-site scripting vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to execute arbitrary JavaScript in another user's browser by injecting a crafted payload into the title of a Discussion in the Q&A category...

6.3CVSS5.9AI score
Exploits0References5
CVE
CVE
added yesterday3 views

CVE-2026-14083

Summary: CVE-2026-14083 describes insufficient validation of untrusted input in HTML within Google Chrome, allowing a remote attacker to trigger UXSS by a crafted HTML page. The vulnerability affects Chrome releases prior to version 150.0.7871.47. Affected software: Google Chrome (Chromium-based)...

6AI score
Exploits0References2
CVE
CVE
added yesterday4 views

CVE-2026-14000

CVE-2026-14000 affects Google Chrome versions prior to 150.0.7871.47 due to an inappropriate XML implementation. The flaw enables a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page, as documented in the NVD/CVELIST entries. Affected software is Google Chrome (Chr...

6AI score
Exploits0References2
CVE
CVE
added yesterday5 views

CVE-2026-50040

CVE-2026-50040 affects StoneFly Storage Concentrator (SC & SCVM). The issue is a reflected XSS caused by unsanitized content echoed in 404 error pages, enabling an authenticated user to trigger arbitrary script execution in the application's context via a crafted URL. Potential impacts include se...

6.1CVSS5.8AI score
Exploits0References3
NVD
NVD
added yesterday4 views

CVE-2026-10585

A stored cross-site scripting vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to execute arbitrary JavaScript in another user's browser by injecting a crafted payload into the title of a Discussion in the Q&A category...

6.3CVSS
Exploits0References4
CVE
CVE
added yesterday6 views

CVE-2026-28322

CVE-2026-28322 affects SolarWinds Database Performance Analyzer (DPA). The stored cross-site scripting vulnerability can enable unintended script execution, with the public metrics indicating high impact to confidentiality and integrity, and a medium overall severity (CVSS 3.1: AV=Adjacent, AC=Hi...

5.6CVSS5.6AI score
Exploits0References3
CVE
CVE
added yesterday7 views

CVE-2026-10585

CVE-2026-10585 describes a stored XSS in GitHub Enterprise Server where an authenticated attacker could execute JavaScript in another user’s browser by injecting a crafted payload into a Discussion title in the Q&A category. The vulnerability stems from the AnsweredQuestionStructuredDataComponent...

6.3CVSS5.9AI score
Exploits0References4
EUVD
EUVD
added yesterday4 views

EUVD-2026-40411

IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console...

8.5CVSS5.6AI score
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-11594

IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console...

8.5CVSS5.6AI score
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2025-36320

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

6.4CVSS5.5AI score
Exploits0References1
CVE
CVE
added yesterday6 views

CVE-2025-36323

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS5.5AI score
Exploits0References1
EUVD
EUVD
added yesterday4 views

EUVD-2025-210380

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS5.5AI score
Exploits0References1
EUVD
EUVD
added yesterday5 views

EUVD-2026-40397

IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console's integrated help system...

9.3CVSS5.6AI score
Exploits0References1
Rows per page
Query Builder