Lucene search
K

8123 matches found

NVD
NVD
added 5 hours ago2 views

CVE-2026-57732

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Opt-In Builder td-subscription allows DOM-Based XSS.This issue affects tagDiv Opt-In Builder: from n/a through = 1.7.4...

7.1CVSS
Exploits0References1
NVD
NVD
added 5 hours ago2 views

CVE-2026-57668

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Basix NEX-Forms nex-forms-express-wp-form-builder allows Stored XSS.This issue affects NEX-Forms: from n/a through = 9.2.2...

7.1CVSS
Exploits0References1
NVD
NVD
added 5 hours ago2 views

CVE-2026-57391

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tangible Loops & Logic tangible-loops-and-logic allows Stored XSS.This issue affects Loops & Logic: from n/a through = 4.2.3...

6.5CVSS
Exploits0References1
NVD
NVD
added 5 hours ago2 views

CVE-2026-57388

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Hydra Booking hydra-booking allows Stored XSS.This issue affects Hydra Booking: from n/a through = 1.1.44...

7.1CVSS
Exploits0References1
CVE
CVE
added 7 hours ago8 views

CVE-2026-57363

The CVE-2026-57363 entry documents a Stored Cross-Site Scripting (XSS) vulnerability in the WordPress ChatBot plugin, affecting versions up to 8.3.7. The issue arises from improper neutralization of input during web page generation, enabling XSS when data is rendered. Affected component: the Chat...

7.1CVSS6.1AI score
Exploits0References1
Nuclei
Nuclei
added 11 hours ago82 views

FortiWeb - Cross Site Scripting

FortiWeb 6.3.0 through 6.3.7 and versions before 6.2.4 contain an unauthenticated cross-site scripting vulnerability. Improper neutralization of input during web page generation can allow a remote attacker to inject malicious payload in vulnerable API end-points. id: CVE-2021-22122 info: name:...

6.1CVSS6.4AI score0.1052EPSS
Exploits0References5
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-43070

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal Canvas allows Cross-Site Scripting XSS. This issue affects Drupal Canvas versions: from 0.0.0 to 1.4.2, from 1.5.0 to 1.5.2, from 1.6.0 to 1.6.1, from 1.7.0 to 1.7.1...

6.1AI score0.00204EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-43073

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Colorbox allows Cross-Site Scripting XSS. This issue affects Colorbox versions: from 0.0.0 to 2.1.5, from 0.0.0 to 2.2.0...

6.1AI score0.00204EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-43069

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal Canvas allows Cross-Site Scripting XSS. This issue affects Drupal Canvas versions: from 0.0.0 to 1.4.2, from 1.5.0 to 1.5.2, from 1.6.0 to 1.6.1, from 1.7.0 to 1.7.1...

6.1AI score0.00204EPSS
Exploits0References2
CVE
CVE
added 4 days ago12 views

CVE-2026-5005

CVE-2026-5005 : A stored cross-site scripting (XSS) vulnerability in Twiser Informatics Technology Consulting, Trade and Education Inc. OKRs & Goals due to improper input neutralization during web page generation. Affected versions are OKRs & Goals from 28220 before 28398. The CVSS 3.1 vector ind...

5.4CVSS5.9AI score0.00133EPSS
Exploits0References1
NVD
NVD
added 4 days ago12 views

CVE-2026-2342

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in OceanicSoft Informatics Systems Ltd. ValeApp allows Stored XSS. This issue affects ValeApp: through 09072026. NOTE: The vendor was contacted early about this disclosure but did not respond in any w...

9.3CVSS0.00391EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago10 views

EUVD-2026-42554

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in OceanicSoft Informatics Systems Ltd. ValeApp allows Stored XSS. This issue affects ValeApp: through 09072026. NOTE: The vendor was contacted early about this disclosure but did not respond in any w...

9.3CVSS5.9AI score0.00391EPSS
Exploits0References1
CVE
CVE
added 4 days ago13 views

CVE-2026-2342

The CVE-2026-2342 entry describes a Stored XSS in ValeApp by OceanicSoft Informatics Systems Ltd, caused by improper neutralization of input during web page generation. Affected product: ValeApp (through 09072026). Root cause: input is not properly sanitized before rendering, enabling an attacker...

9.3CVSS5.9AI score0.00391EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago34 views

CVE-2026-6371 Stored XSS in Limatek's LimRAD NAC

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Limatek System Inc. LimRAD NAC allows Stored XSS. This issue affects LimRAD NAC: through 08072026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...

4.8CVSS0.00148EPSS
Exploits0References1
CVE
CVE
added 5 days ago15 views

CVE-2026-6371

CVE-2026-6371 : Stored XSS in LimRAD NAC by Limatek System Inc. due to improper neutralization of input during web page generation. Affected through 08/07/2026. Documents list impact as a cross-site scripting vulnerability with a Medium severity (CVSS 3.1: AV Adjacent, AC Low, PR Low, UI Required...

4.8CVSS5.9AI score0.00148EPSS
Exploits0References1
EUVD
EUVD
added last week4 views

EUVD-2025-210435

DrawIO for ownCloud is an application for using DrawIO with the file storage, synchronization, and sharing application ownCloud Classic. In DrawIO for ownCloud prior to version 1.0.2, which corresponds to ownCloud 10 prior to version 10.15.3, attackers with access to the DrawIO app can leverage...

8.2CVSS5.9AI score0.00164EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/03 8:35 p.m.8 views

EUVD-2026-41596

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

5.4CVSS6AI score0.0024EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/03 8:35 p.m.9 views

EUVD-2026-41594

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

7.2CVSS6AI score0.0024EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/03 8:35 p.m.4 views

EUVD-2026-41576

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

7.1CVSS6AI score0.00397EPSS
Exploits0References1
NVD
NVD
added 2026/07/03 10:16 a.m.10 views

CVE-2026-4322

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Raera - Ankara Web Design and Digital Advertising Agency Destekz allows Reflected XSS. This issue affects Destekz: through 02062026. NOTE: The vendor was contacted and it was learned that the produ...

6.1CVSS0.00149EPSS
Exploits0References1
Rows per page
Query Builder