221 matches found
EUVD-2024-35985
Malicious code in bioql PyPI...
EUVD-2025-28075
Malicious code in bioql PyPI...
EUVD-2022-6966
Malicious code in bioql PyPI...
CVE-2025-7746
CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause an unvalidated data injected by a malicious user potentially leading to modify or read data in a victim’s browser...
CVE-2025-7746
CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause an unvalidated data injected by a malicious user potentially leading to modify or read data in a victim’s browser...
CVE-2025-42920 Cross-Site Scripting (XSS) vulnerability in SAP Supplier Relationship Management
Due to a Cross-Site Scripting XSS vulnerability in the SAP Supplier Relationship Management, an unauthenticated attacker could generate a malicious link and make it publicly accessible. If an authenticated victim clicks on the link, the injected input is processed during the page generation,...
Linux Distros Unpatched Vulnerability : CVE-2023-6033
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper neutralization of input in Jira integration configuration in GitLab CE/EE, affecting all versions from 15.10 prior to 16.6.1, 16.5 prior to 16.5.3, and...
CVE-2025-46962
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2025-47054
CVE-2025-47054 affects Adobe Experience Manager (AEM) 6.5.22 and earlier, due to a DOM-based XSS flaw caused by improper validation of user-supplied input. An attacker with low privileges can exploit it by prompting a victim to visit a crafted page, executing JavaScript in the victim’s browser (u...
CVE-2025-46932
CVE-2025-46932 affects Adobe Experience Manager (AEM) ≤ 6.5.22 with a stored XSS vulnerability in vulnerable form fields. The issue allows a low-privileged attacker to inject malicious scripts, which could execute in a victim’s browser when visiting a page containing the affected field. The CVSS ...
CVE-2025-46936 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
CVE-2025-46962
Adobe Experience Manager (AEM) versions 6.5.22 and earlier are affected by a stored cross-site scripting (XSS) vulnerability in vulnerable form fields. A low-privileged attacker could inject malicious scripts, which may be executed in a victim’s browser when visiting a page containing the affecte...
CVE-2025-46998 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...
Cross-Site Scripting (XSS)
org.apache.zeppelin, zeppelin-web is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to an incomplete blacklist of user input, which allows an attacker to inject malicious scripts and execute them in a victim’s browser...
CVE-2025-9225
Stored cross-site scripting XSS in the web interface of MiR software versions prior to 3.0.0 on MiR Robots and MiR Fleet allows execution of arbitrary JavaScript code in a victim’s browser...
PT-2025-33906 · Mir · Mir
Name of the Vulnerable Software and Affected Versions: MiR software versions prior to 3.0.0 Description: Stored cross-site scripting in the web interface allows execution of arbitrary JavaScript code in a victim’s browser. Recommendations: Update MiR software to version 3.0.0 or later...
PT-2025-34132 · Adobe · Experience Manager
Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.22 and earlier Description: Adobe Experience Manager is susceptible to a stored Cross-Site Scripting XSS issue. A low-privileged attacker can exploit this to inject malicious scripts into vulnerable form...
CVE-2025-42948 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver ABAP Platform
Due to a Cross-Site Scripting XSS vulnerability in SAP NetWeaver ABAP Platform, an unauthenticated attacker could generate a malicious link and make it publicly accessible. If an authenticated user clicks on this link, the injected input is processed during the website�s page generation, resultin...
CVE-2025-42942
CVE-2025-42942 : SAP NetWeaver Application Server for ABAP contains a cross-site scripting (XSS) vulnerability. An unauthenticated attacker can craft a URL embedded with malicious script and entice a victim to click it, resulting in the attacker being able to access and modify limited information...
PT-2025-32614 · Sap · Sap Netweaver Application Server Abap
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server ABAP Documento BIC affected versions not specified Description: SAP NetWeaver Application Server ABAP BIC Document allows an unauthenticated attacker to manipulate a URL link. Accessing this crafted link throu...