Lucene search
K

51 matches found

CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS5.2AI score0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.10 views

Red Hat Quay 跨站脚本漏洞

Red Hat Quay is a container image repository platform operated by the American company Red Hat. Red Hat Quay has a cross-site scripting vulnerability. This vulnerability stems from the lack of validation of MIME types at the filedrop endpoint. It may allow authenticated users with write permissio...

5.4CVSS4.9AI score0.00138EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.9 views

VMware Cloud Foundation Operations 安全漏洞

VMware Cloud Foundation Operations is a private cloud operations management platform provided by the American company VMware. There is a security vulnerability in VMware Cloud Foundation Operations. This vulnerability stems from multiple storage-based cross-site scripting vulnerabilities, which...

8CVSS5.1AI score0.00399EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.12 views

WordPress plugin Post Snippets 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

4.4CVSS5.7AI score0.00244EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

Jenkins buildgraph-view Plugin 安全漏洞

The Jenkins buildgraph-view Plugin is an open-source plugin for visualizing Jenkins build processes. The Jenkins buildgraph-view Plugin versions 1.8 and earlier contain security vulnerabilities. These vulnerabilities stem from the lack of escaping of build URLs, which may lead to storage-side...

5.5CVSS5.6AI score0.00176EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.9 views

Nozomi Networks Guardian和Nozomi Networks CMC 跨站脚本漏洞

Nozomi Networks Guardian and Nozomi Networks CMC are both products of the American company Nozomi Networks. Nozomi Networks Guardian is an IoT device and software inspection system. Nozomi Networks CMC is an application software that provides centralized OT and IoT security management. Both Nozom...

5.9CVSS5.7AI score0.00194EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.12 views

CubeCart 跨站脚本漏洞

CubeCart is an open-source e-commerce software developed by CubeCart. Versions of CubeCart prior to 6.6.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from a storage-based cross-site scripting flaw, which could allow attackers with administrative privileges to inject...

4.8CVSS5.6AI score0.00173EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.8 views

mailcow: dockerized 跨站脚本漏洞

mailcow: dockerized is a dockerized version of the mailcow open-source application. Versions of mailcow before 2026-03b contained a cross-site scripting vulnerability. This vulnerability stemmed from the Autodiscover logs used for managing the dashboard, which did not escape the EMailAddress valu...

9.3CVSS5.6AI score0.0028EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/16 12:0 a.m.10 views

WordPress plugin Custom New User Notification 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.4CVSS5.6AI score0.00361EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/16 12:0 a.m.9 views

WordPress plugin CodeColorer 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.1CVSS5.7AI score0.00232EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/16 12:0 a.m.9 views

WordPress plugin Prismatic 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.2CVSS5.7AI score0.00274EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/16 12:0 a.m.8 views

WordPress plugin Livemesh Addons for Elementor 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

6.4CVSS5.6AI score0.00322EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.7 views

Pega Platform 安全漏洞

Pega Platform is an enterprise management platform developed by Pega, Inc. Versions of Pega Platform from 8.1.0 to 25.1.1 have security vulnerabilities, which stem from storage cross-site scripting in the user interface components...

4.8CVSS5.7AI score0.00187EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.6 views

Decidim 跨站脚本漏洞

Decidim is an open-source participatory democracy framework developed using Ruby on Rails. Versions of Decidim prior to 0.30.5, as well as versions 0.31.0.rc1 to 0.31.0, contained a cross-site scripting vulnerability. This vulnerability stemmed from a storage-based code execution issue in the use...

9.3CVSS6.3AI score0.00356EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.5 views

WordPress plugin AddFunc Head & Footer Code 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.4CVSS5.7AI score0.002EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.7 views

LoLLMs 安全漏洞

LoLLMs is a large language and multimodal system personally developed by Saifeddine ALOUI. Versions of LoLLMs prior to 2.2.0 contained a security vulnerability. This vulnerability stemmed from the createpost function not properly cleaning the content provided by users, which could lead to...

9.6CVSS7.2AI score0.00405EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.9 views

WWBN AVideo 跨站脚本漏洞

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 26.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from insufficient cleaning and escaping of XML inputs controlled by the EPG function, which could...

5.4CVSS5.7AI score0.00195EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.5 views

Emissary 跨站脚本漏洞

Emissary is a distributed P2P data-driven workflow framework developed by the National Security Agency. Versions of Emissary prior to 8.39.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from the Mustache navigation template directly inserting configured link values...

4.8CVSS5.7AI score0.00176EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.9 views

ChurchCRM 跨站脚本漏洞

ChurchCRM is an open-source CRM system developed for churches. Versions of ChurchCRM prior to 7.1.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from a storage-based cross-site scripting in the profile editing function, which could lead to session hijacking...

8.9CVSS5.6AI score0.00203EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.9 views

Bynder 安全漏洞

Bynder is a brand content management platform used by Bynder Inc. for the centralized management and distribution of digital media assets. Version 0.1.394 of Bynder contains a security vulnerability, which stems from a storage-side cross-site scripting issue. This vulnerability could allow for th...

5.4CVSS5.9AI score0.00138EPSS
Exploits0References2
Rows per page
Query Builder