CVE-2025-54760

Stored cross-site scripting XSS vulnerability in desknet's NEO V9.0R2.0 and earlier allow execution of arbitrary JavaScript in a user’s web browser...

CVE-2025-52583

The CVE-2025-52583 entry describes a Reflected cross-site scripting (XSS) vulnerability in desknet’s Web Server that allows execution of arbitrary JavaScript in a user’s browser. The connected sources confirm the issue is tied to desknet’s Web Server and identify the impact as client-side script ...

CVE-2025-52583

Reflected cross-site scripting XSS vulnerability in desknet's Web Server allows execution of arbitrary JavaScript in a user’s web browser...

CVE-2025-24833

Stored cross-site scripting XSS vulnerability in desknet's NEO versions V4.0R1.0–V9.0R2.0 allow execution of arbitrary JavaScript in a user’s web browser...

Desknets Neo 跨站脚本漏洞

Desknets Neo is a remote office support software from Desknets Japan. A cross-site scripting vulnerability exists in Desknets Neo V9.0R2.0 and earlier versions, which originates from stored cross-site scripting and could lead to the execution of arbitrary JavaScript...

CVE-2025-11183

Cross-Site Scripting vulnerability in attribute table in QGIS QWC2 2025.08.14 allows an authorized attacker to plant arbitrary JavaScript code in the page...

Cross-site Scripting (XSS)

Overview qwc2 is a QGIS Web Client Affected versions of this package are vulnerable to Cross-site Scripting XSS via multiple components, including ServiceInfoWindow, SearchBox, LayerInfoWindow, and others. An attacker can execute arbitrary JavaScript code in the context of the user's browser by...

CVE-2025-11184

CVE-2025-11184 affects QGIS QWC2 Registration GUI up to version 2025.03.31. It enables an authorized attacker to inject arbitrary JavaScript (XSS) into the page, with potential impact to Confidentiality (High) and Integrity (Low) per CVSS. Remediation: upgrade to a version later than 2025.03.31 (...

CVE-2025-61319

ReNgine thru 2.2.0 is vulnerable to a Stored Cross-Site Scripting XSS vulnerability in the Vulnerabilities module. When scanning a target with an XSS payload, the unsanitized payload is rendered in the ReNgine web UI, resulting in arbitrary JavaScript execution in the victim's browser. This can b...

PT-2025-41780

Name of the Vulnerable Software and Affected Versions QGIS QWC2 Registration GUI versions through 2025.03.31 Description A cross-site scripting issue exists in QGIS QWC2 Registration GUI. An authorized attacker can inject arbitrary JavaScript code into the page. Recommendations Update QGIS QWC2...

CVE-2025-60869

Publii CMS v0.46.5 build 17089 allows persistent Cross-Site Scripting XSS via unsanitized input in configuration fields such as "Site Description" and "Footer Follow Buttons". An attacker can inject arbitrary JavaScript, which is stored in the project and executed in the browsers of remote visito...

EUVD-2025-33349

A cross-site scripting XSS vulnerability in the component /app/marketplace.html of Logseq v0.10.9 allows attackers to execute arbitrary code via injecting arbitrary Javascript into a crafted README.md file...

EUVD-2020-21411

Malware in sbrugna...

EUVD-2020-17036

Malware in sbrugna...

EUVD-2020-3861

Malware in sbrugna...

EUVD-2021-15798

Malware in sbrugna...

EUVD-2021-25332

Malware in sbrugna...

EUVD-2018-5256

Malware in sbrugna...

EUVD-2009-2466

Malware in sbrugna...

EUVD-2015-0811

Malware in sbrugna...