EUVD-2026-35545

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

PT-2026-1922

Name of the Vulnerable Software and Affected Versions anibalwainstein Effect Maker versions through 1.2.1 Description The software contains a flaw related to improper input handling during web page creation, specifically a DOM-Based Cross-Site Scripting XSS issue. This allows for the potential...

PT-2026-1790

Name of the Vulnerable Software and Affected Versions loopus WP Virtual Assistant versions through 3.0 Description The software contains a flaw related to improper handling of user-supplied data when creating web pages, leading to a potential Cross-site Scripting XSS issue. This specific instance...

PT-2026-1469

Name of the Vulnerable Software and Affected Versions WPFactory Wishlist for WooCommerce versions through 3.3.0 Description The software contains a flaw related to improper handling of user-supplied data when creating web pages, which can lead to Cross-site Scripting XSS. This allows for the...

PT-2025-54442

Name of the Vulnerable Software and Affected Versions ZD Scribd iPaper versions through 1.0 Description The software contains a flaw related to improper input handling during web page creation, specifically a Reflected Cross-site Scripting issue. This allows for the injection of malicious scripts...

CVE-2025-55056

Multiple CWE-79 Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting'...

PT-2025-43193

Name of the Vulnerable Software and Affected Versions Ultimate Blocks versions through 3.3.6 Description The software contains a flaw related to improper input handling during web page creation, which can lead to Cross-site Scripting XSS. This allows for the injection of malicious scripts into we...

PT-2025-43212

Name of the Vulnerable Software and Affected Versions gAppointments versions through 1.14.1 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a potential Cross-site Scripting XSS issue. This allows for Reflected XSS attacks...

PT-2025-39041

Name of the Vulnerable Software and Affected Versions WP Swings Upsell Order Bump Offer for WooCommerce versions through 3.0.7 Description The software contains a flaw related to improper input handling during web page creation, leading to a potential Stored Cross-Site Scripting XSS issue. This...

The vulnerability of the GLPI system’s handling of requests and incidents is related to incorrect input cancellation during the creation of web pages. This allows a malicious attacker to execute XSS attacks.

The vulnerability in the GLPI request and incident handling system relates to improper input validation during the creation of web pages. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks...

The vulnerability of the UnlinkedWikibase software extension for implementing the MediaWiki hypertext environment allows a perpetrator to execute cross-site scripting (XSS) attacks.

The vulnerability of the UnlinkedWikibase software extension for implementing the MediaWiki hypertext environment is related to improper input validation during the creation of web pages. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks XSS...

ROS-20240503-06

Vulnerability in the GLPI request and incident handling system related to incorrect input neutralization during web page creation. during the creation of a web page. Exploitation of the vulnerability could allow an attacker acting remotely, perform an XSS attack...

ROS-20240409-11

Vulnerability in the WatchAnalytics extension of the hypertext environment implementation software tool MediaWiki is related to XSS exploitation using the Special:PageStatistics page parameter. Exploitation The exploitation of the vulnerability could allow a remote attacker to perform cross-site...

The vulnerability of cloud-based software for creating and using Nextcloud Server’s data storage system lies in improper input validation during the creation of web pages. This allows attackers to execute cross-site scripting (XSS) attacks.

The vulnerability of cloud-based software for creating and using Nextcloud Server storage involves improper input validation during the creation of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...

VulnCheck KEV: CVE-2024-27188

Cloudways Breeze allows improper neutralization of input during web page creation, allowing for stored XSS...

The vulnerability of the RoundCube email client, related to improper input validation during the creation of web pages, allows attackers to perform cross-site scripting attacks.

The vulnerability of the RoundCube email client is related to improper input validation during the creation of web pages. Exploiting this vulnerability allows an attacker to perform cross-site scripting attacks remotely...

Vulnerability of EVlink City parking charging station software. Issues with EVlink Parking and EVlink Smart Wallbox, which arise due to incorrect neutralization during the creation of web pages. This allows a malicious actor to inject arbitrary codes during CSV file import or parameter changes at the station.

The software vulnerabilities of EVlink City parking stations. EVlink Parking and EVlink Smart Wallbox have vulnerabilities due to incorrect neutralization during the creation of their web pages. This allows unauthorized individuals to inject arbitrary codes during CSV file import or parameter...

The vulnerability of the Control Center component of the testing and monitoring platform for physical, hybrid, and virtual networks, Paragon Active Assurance (previously known as Netrounds), allows a perpetrator to carry out cross-site scenario attacks.

The vulnerability of the Control Center component of the testing and monitoring platform for physical, hybrid, and virtual networks, Paragon Active Assurance previously known as Netrounds, relates to the lack of security measures taken during the creation of web pages. Exploiting this vulnerabili...