Lucene search
+L

326 matches found

cnnvd
cnnvd
added 2026/05/04 12:0 a.m.16 views

Notesnook 跨站脚本漏洞

Notesnook is an end-to-end encrypted note application developed by Streetwriters. Versions of Notesnook for Web/Desktop prior to 3.3.15, as well as versions for iOS/Android prior to 3.3.20, had a cross-site scripting vulnerability. This vulnerability stemmed from the lack of HTML escaping for...

9.6CVSS6AI score0.00477EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/01 12:0 a.m.8 views

WordPress plugin Elementor Website Builder 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.4CVSS5.6AI score0.00225EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/04/30 12:0 a.m.11 views

JeeSite 跨站脚本漏洞

JeeSite is a Java rapid development platform open-sourced by Zhuo Yuan thinkgem in Jinan, China. Version JeeSite 5.15.1 contains a cross-site scripting vulnerability. This vulnerability stems from a storage-type cross-site scripting present in the /msg/msgInner/save endpoint, which may allow...

6.1CVSS5.9AI score0.00155EPSS
Exploits0References1
nessus
nessus
added 2026/04/29 12:0 a.m.4 views

FreeBSD : Mozilla -- Other issue in the Storage: IndexedDB component (1a442c0b-4307-11f1-a627-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 1a442c0b-4307-11f1-a627-b42e991fc52e advisory. https://bugzilla.mozilla.org/showbug.cgi?id=2024220 reports: Other issue in the Storage: IndexedDB...

6.5CVSS6AI score0.04938EPSS
Exploits1References3
cnnvd
cnnvd
added 2026/04/24 12:0 a.m.11 views

AnythingLLM 跨站脚本漏洞

AnythingLLM is an integrated AI application developed by Mintplex. Versions of AnythingLLM prior to 1.12.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from the markdown renderer in the chart component not encoding the alt text as HTML, which could lead to storage-ty...

5.4CVSS5.6AI score0.00195EPSS
Exploits1References1
ibm
ibm
added 2026/04/16 9:24 p.m.13 views

Security Bulletin: Multiple vulnerabilities in IBM Aspera Orchestrator

Summary Multiple vulnerabilities were addressed in IBM Aspera Orchestrator 4.1.4 Vulnerability Details CVEID:CVE-2026-33173 DESCRIPTION: Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, DirectUploadsController...

9.8CVSS5.8AI score0.00838EPSS
Exploits0Affected Software5
cnnvd
cnnvd
added 2026/04/15 12:0 a.m.10 views

Prometheus 安全漏洞

Prometheus is an open-source software developed in the Go language, used to create real-time metric databases built using the HTTP pull model. Versions 3.0 to 3.5.1 and 3.6.0 to 3.11.1 of Prometheus contain security vulnerabilities. These vulnerabilities stem from a storage-side cross-site...

6.1CVSS5.8AI score0.0024EPSS
Exploits0References1
euvd
euvd
added 2026/04/14 6:30 p.m.9 views

EUVD-2026-22325

A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.4, FortiSOAR on-premise 7.5.0 through 7.5.2,...

4.3CVSS5.8AI score0.00263EPSS
Exploits0References2
cve
cve
added 2026/04/14 3:38 p.m.14 views

CVE-2026-22574

CVE-2026-22574 affects Fortinet FortiSOAR PaaS (versions 7.6.0–7.6.4, 7.5.0–7.5.2, 7.4 all, 7.3 all) and FortiSOAR on‑premise (7.6.0–7.6.4, 7.5.0–7.5.2, 7.4 all, 7.3 all). The issue is a vulnerability where passwords are stored in a recoverable format, potentially allowing an authenticated remote...

6.5CVSS5.8AI score0.00267EPSS
Exploits0References1Affected Software1
cnnvd
cnnvd
added 2026/04/11 12:0 a.m.7 views

WordPress plugin Optimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

7.2CVSS5.6AI score0.00438EPSS
Exploits0References8
cnnvd
cnnvd
added 2026/04/10 12:0 a.m.6 views

WordPress plugin Webling 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

6.4CVSS5.7AI score0.00277EPSS
Exploits0References6
cnnvd
cnnvd
added 2026/04/09 12:0 a.m.8 views

WordPress plugin OSM – OpenStreetMap 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.4CVSS5.7AI score0.00239EPSS
Exploits0References10
cnnvd
cnnvd
added 2026/04/09 12:0 a.m.7 views

WordPress plugin Experto Dashboard for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

4.4CVSS5.6AI score0.00207EPSS
Exploits0References6
cnnvd
cnnvd
added 2026/04/08 12:0 a.m.15 views

WordPress plugin Element Pack Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

6.4CVSS5.6AI score0.00387EPSS
Exploits0References8
cnnvd
cnnvd
added 2026/04/06 12:0 a.m.9 views

CI4MS 跨站脚本漏洞

CI4MS is an open-source blog page management tool developed by Ci4MS. Versions of CI4MS prior to 31.0.0.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from the failure to properly clean user-controlled input when users updated their profile names, which could lead to...

9.4CVSS5.7AI score0.00297EPSS
Exploits1References1
cnnvd
cnnvd
added 2026/04/06 12:0 a.m.10 views

FeehiCMS 安全漏洞

FeehiCMS is a PHP-based CMS website building system developed by Liufee’s individual developers. The FeehiCMS v2.1.1 version contains a security vulnerability. This vulnerability stems from a storage-side cross-site scripting issue in the Content field used for creating/editing modules, which may...

5.4CVSS5.9AI score0.00133EPSS
Exploits1References2
cnnvd
cnnvd
added 2026/04/04 12:0 a.m.9 views

WordPress plugin Xpro Addons — 140+ Widgets for Elementor 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

6.4CVSS5.6AI score0.00195EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/04/01 12:0 a.m.9 views

CI4MS 跨站脚本漏洞

CI4MS is an open-source blog page management tool developed by Ci4MS. Versions of CI4MS prior to 0.31.0.0 contained a cross-site scripting vulnerability. This vulnerability occurred due to improper handling of user input when creating or editing blog articles, which could lead to storage-based...

9.1CVSS5.7AI score0.00317EPSS
Exploits1References2
cnnvd
cnnvd
added 2026/04/01 12:0 a.m.9 views

CI4MS 跨站脚本漏洞

CI4MS is an open-source blog page management tool developed by Ci4MS. Versions of CI4MS prior to 0.31.0.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper cleaning of user input in the backend user management function, which could lead to storage-based...

9.9CVSS5.7AI score0.00393EPSS
Exploits1References2
cnnvd
cnnvd
added 2026/03/31 12:0 a.m.6 views

WordPress plugin Kubio AI Page Builder 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.6AI score0.0013EPSS
Exploits0References1
Rows per page
Query Builder