Lucene search
K

2049 matches found

OSV
OSV
added 2023/05/10 8:15 p.m.4 views

CVE-2023-31163

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...

5.4CVSS6.3AI score0.00439EPSS
Exploits0References2
OSV
OSV
added 2023/05/10 8:15 p.m.6 views

CVE-2023-31159

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...

5.4CVSS6.3AI score0.00439EPSS
Exploits0References2
OSV
OSV
added 2023/05/10 8:15 p.m.5 views

CVE-2023-31153

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.See SEL...

5.4CVSS6.1AI score0.00439EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/05/09 12:0 a.m.5 views

Anuko Time Tracker 跨站脚本漏洞

Anuko Time Tracker is an open source time counting system for individual developers. A platform for counting the time spent by employees on various tasks. A cross-site scripting vulnerability exists in versions prior to Anuko Time Tracker 1.22.11.5782. An attacker can exploit this vulnerability t...

5.4CVSS5.8AI score0.00369EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/05/04 12:0 a.m.8 views

CVE-2023-27075

A cross-site scripting vulnerability XSS in the component microbin/src/pasta.rs of Microbin v1.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.3AI score0.00409EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/05/04 12:0 a.m.3 views

MicroBin 跨站脚本漏洞

MicroBin is an ultra-compact, feature-rich, configurable, self-contained and self-hosted pastebin web application from the individual developer Dániel Szabó. A security vulnerability exists in MicroBin version v1.2.0, which stems from a security issue in the component microbin/src/pasta.rs, and c...

5.4CVSS6AI score0.00409EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/05/04 12:0 a.m.7 views

CVE-2023-30097

A stored cross-site scripting XSS vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the private task field...

5.3AI score0.00667EPSS
Exploits1References3
CVE
CVE
added 2023/05/04 12:0 a.m.55 views

CVE-2023-30095

CVE-2023-30095 affects TotalJS Messenger (commit b6cf1c9). It describes a stored XSS vulnerability in the channel description field, allowing an attacker to execute arbitrary web scripts or HTML in the context of the affected app. The vulnerability is evidenced across multiple sources, including ...

5.4CVSS5.2AI score0.00667EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2023/05/04 12:0 a.m.45 views

CVE-2023-30097

CVE-2023-30097 concerns TotalJS messenger. The vulnerability is a stored cross-site scripting (XSS) issue in the messenger, exploitable via a crafted payload injected into the private task field (commit b6cf1c9). Affected software is TotalJS messenger; underlying cause is stored XSS; impact is ex...

5.4CVSS5.2AI score0.00667EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2023/05/03 9:15 p.m.18 views

Cross site scripting

A stored cross-site scripting XSS vulnerability in DouPHP v1.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the uniqueid parameter in /admin/article.php...

4.3CVSS4.9AI score0.00341EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/03 12:0 a.m.6 views

CVE-2023-30205

A stored cross-site scripting XSS vulnerability in DouPHP v1.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the uniqueid parameter in /admin/article.php...

5AI score0.00341EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/04/28 12:0 a.m.5 views

CVE-2023-30405

A cross-site scripting XSS vulnerability in Aigital Wireless-N Repeater MiniRouter v0.131229 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the wlssid parameter at /boafrm/formHomeWlanSetup...

5.3AI score0.2928EPSS
Exploits1References1
NVD
NVD
added 2023/04/27 2:15 a.m.10 views

CVE-2023-24836

SUNNET CTMS has vulnerability of path traversal within its file uploading function. An authenticated remote attacker with general user privilege can exploit this vulnerability to upload and execute scripts onto arbitrary directories to perform arbitrary system operation or disrupt service...

8.8CVSS8.9AI score0.01192EPSS
Exploits0References1
OSV
OSV
added 2023/04/26 4:15 p.m.17 views

CVE-2022-27979

A cross-site scripting XSS vulnerability in ToolJet v1.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comment Body component...

5.4CVSS5.9AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/04/25 12:0 a.m.6 views

CVE-2023-30417

A cross-site scripting XSS vulnerability in Pear-Admin-Boot up to v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title of a private message...

5.8AI score0.004EPSS
Exploits1References1
CVE
CVE
added 2023/04/25 12:0 a.m.33 views

CVE-2023-30417

Pear-Admin-Boot (v2.0.2 and earlier) is affected by an XSS vulnerability that allows an attacker to inject arbitrary web scripts or HTML via the Title field of a private message. Affected component: Pear-Admin-Boot; root cause: improper sanitization/injection in the Title of private messages; imp...

5.4CVSS5.3AI score0.004EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2023/04/21 4:15 p.m.5 views

CVE-2023-2139

A reflected Cross-site Scripting XSS Vulnerability in DELMIA Apriso Release 2017 through Release 2022 allows an attacker to execute arbitrary script code...

6.1CVSS6.6AI score0.00353EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/04/20 12:0 a.m.5 views

Checkmk 跨站脚本漏洞

Checkmk is an editor. A cross-site scripting vulnerability exists in Checkmk Appliance versions prior to 1.6.4, which stems from the application's lack of effective filtering and escaping of user-supplied data, and can be exploited by an attacker to execute arbitrary web script or HTML by injecti...

6.1CVSS5.9AI score0.00402EPSS
Exploits0References2
Prion
Prion
added 2023/04/19 1:15 p.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability was discovered in Online Jewelry Shop v1.0 that allows attackers to execute arbitrary script via a crafted URL...

4.9CVSS5.5AI score0.00365EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/04/19 12:15 a.m.18 views

CVE-2023-29523

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user who can edit their own user profile can execute arbitrary script macros including Groovy and Python macros that allow remote code execution including unrestricted read and write acces...

9.9CVSS9.8AI score0.01999EPSS
Exploits1References4
Rows per page
Query Builder