
67 matches found

NVD
added 2023/11/30 2:15 p.m. · 17 views

CVE-2023-6422

A vulnerability has been discovered in BigProf Online Clinic Management System 2.2, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /clinic/patientsview.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking use...

CVSS 6.3 · EPSS 0.00388
Exploits: 0 · References: 1

Vulnrichment
added 2023/06/13 2:49 a.m. · 11 views

CVE-2023-33991 Stored Cross-Site Scripting (Stored XSS) vulnerability in SAP UI5 Variant Management

SAP UI5 Variant Management - versions SAPUI 750, SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, UI700 200, does not sufficiently encode user-controlled inputs on reading data from the server, resulting in Stored Cross-Site Scripting (Stored XSS) vulnerability. After successful exploitation, an attacke...

CVSS 8.2 · AI score 6 · EPSS 0.00481
Exploits: 0 · References: 2

Vulnrichment
added 2023/04/11 2:48 a.m. · 11 views

CVE-2023-27499 Cross-Site Scripting (XSS) vulnerability in SAP GUI for HTML

SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91, KRNL64UC, 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could craft a malicious URL and lure...

CVSS 6.1 · AI score 5.8 · EPSS 0.00445
Exploits: 0 · References: 2

CNVD
added 2021/05/21 12:00 a.m. · 6 views

Plone cross-site scripting vulnerability (CNVD-2021-37279)

Plone is a foreign open source CMS system suitable for enterprise-level applications. A cross-site scripting vulnerability exists in the user full name attribute and file upload functionality in Plone CMS versions prior to 5.2.4. The vulnerability stems from user input that is not properly encode...

CVSS 5.4 · AI score 6 · EPSS 0.0097
Exploits: 1 · References: 1

Typo3
added 2020/07/07 12:00 a.m. · 23 views

Multiple vulnerabilities in extension "mm_forum" (mm_forum)

The extension fails to properly encode user input for output in HTML context. Also the extension fails to implement a CSRF protection for update profile plugin...

CVSS 5.8 · AI score 5.6 · EPSS 0.00367
Exploits: 0 · Affected Software: 1

Positive Technologies
added 2019/07/09 12:00 a.m. · 3 views

PT-2019-4588 · Sap · Sap Basis

Name of the Vulnerable Software and Affected Versions: SAP Basis versions 7.31, 7.4, 7.5. Description: The issue arises from insufficient encoding of user-controlled inputs, leading to a Cross-Site Scripting (XSS) vulnerability. This can be exploited by a remote attacker to perform cross-site...

CVSS 6.4 · AI score 6 · EPSS 0.01337
Exploits: 0 · References: 5

OpenVAS
added 2013/12/11 12:00 a.m. · 20 views

Microsoft VS Team Foundation Server SignalR XSS Vulnerability (2905244)

This host is missing an important security update according to Microsoft Bulletin MS13-103. SPDX-FileCopyrightText: 2013 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE...

CVSS 4.3 · AI score 5 · EPSS 0.11688
Exploits: 0 · References: 3