CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

RedhatCVE•added 2026/01/09 12:41 p.m.•5 views

CVE-2023-25440

Stored Cross Site Scripting XSS vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field...

5.4CVSS6.1AI score0.00798EPSS

Exploits4References1

OSV•added 2024/01/31 3:12 p.m.•11 views

BIT-CIVICRM-2023-25440

Stored Cross Site Scripting XSS vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field...

5.4CVSS5.2AI score0.00798EPSS

Exploits4References2

NVD•added 2023/05/23 1:15 a.m.•10 views

CVE-2023-25440

Stored Cross Site Scripting XSS vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field...

5.4CVSS5.3AI score0.00798EPSS

Exploits4References2

OSV•added 2023/05/23 1:15 a.m.•0 views

UBUNTU-CVE-2023-25440

Stored Cross Site Scripting XSS vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field...

5.4CVSS6.2AI score0.00798EPSS

Exploits4References4

Positive Technologies•added 2023/05/23 12:0 a.m.•2 views

PT-2023-20063 · Civicrm +1 · Civicrm +1

Name of the Vulnerable Software and Affected Versions: CiviCRM version 5.59.alpha1 Description: A Stored Cross Site Scripting XSS issue exists in the add contact function, allowing attackers to execute arbitrary code in the first/second name field. Recommendations: For CiviCRM version 5.59.alpha1...

5.4CVSS5.7AI score0.00798EPSS

Exploits4References16

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by