Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1345 matches found

Cvelist
Cvelistadded 2023/09/06 12:35 p.m.16 views

CVE-2023-41150

F-RevoCRM 7.3 series prior to version7.3.8 contains a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the product...

6.5AI score0.00319EPSS
Exploits0References2
NVD
NVDadded 2023/09/05 10:15 a.m.9 views

CVE-2023-38569

Stored cross-site scripting vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product...

5.4CVSS5.2AI score0.00409EPSS
Exploits0References2
OSV
OSVadded 2023/09/05 10:15 a.m.15 views

CVE-2023-38569

Stored cross-site scripting vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product...

5.4CVSS6.2AI score
Exploits0References2
OSV
OSVadded 2023/09/05 10:15 a.m.13 views

CVE-2023-36492

Reflected cross-site scripting vulnerability in SHIRASAGI prior to v1.18.0 allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product...

6.1CVSS6.8AI score
Exploits0References2
Prion
Prionadded 2023/09/05 10:15 a.m.11 views

Cross site scripting

Stored cross-site scripting vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product...

4.9CVSS5.7AI score0.00409EPSS
Exploits0References2Affected Software1
Prion
Prionadded 2023/09/05 9:15 a.m.24 views

Cross site scripting

Stored cross-site scripting vulnerability in Map setting page of VI Web Client prior to 7.9.6 allows a remote authenticated attacker to inject an arbitrary script...

4.9CVSS5.2AI score0.00111EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2023/09/05 9:10 a.m.10 views

CVE-2023-38569

Stored cross-site scripting vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product...

6AI score0.00409EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2023/09/05 9:9 a.m.6 views

CVE-2023-36492

Reflected cross-site scripting vulnerability in SHIRASAGI prior to v1.18.0 allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product...

6.6AI score0.00843EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2023/09/05 8:39 a.m.13 views

CVE-2023-40535

Stored cross-site scripting vulnerability in View setting page of VI Web Client prior to 7.9.6 allows a remote authenticated attacker to inject an arbitrary script...

5.8AI score0.00111EPSS
Exploits0References2
Cvelist
Cvelistadded 2023/09/05 8:38 a.m.18 views

CVE-2023-39938

Reflected cross-site scripting vulnerability in VI Web Client prior to 7.9.6 allows a remote unauthenticated attacker to inject an arbitrary script...

6.2AI score0.00256EPSS
Exploits0References2
OSV
OSVadded 2023/09/01 1:15 p.m.3 views

CVE-2023-37830

A cross-site scripting XSS vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter...

6.1CVSS5.9AI score0.00273EPSS
Exploits0References2
CNNVD
CNNVDadded 2023/09/01 12:0 a.m.3 views

Free and Open Source Inventory Management System Cross-Site Scripting Vulnerability

Inventory Management System is an inventory management system by stemword individual developers. A security vulnerability exists in Free and Open Source Inventory Management System v1.0, which stems from the presence of multiple cross-site scripting XSS vulnerabilities that could allow an attacke...

6.1CVSS5.9AI score0.00157EPSS
Exploits1References4
Positive Technologies
Positive Technologiesadded 2023/08/29 12:0 a.m.2 views

PT-2023-26856 · Aruba · Arubaos-Switch

Name of the Vulnerable Software and Affected Versions: ArubaOS-Switch affected versions not specified Description: A vulnerability in the ArubaOS-Switch web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting XSS attack against a user of th...

8.3CVSS6.1AI score0.00321EPSS
Exploits0References10
NVD
NVDadded 2023/08/21 9:15 a.m.12 views

CVE-2023-40068

Cross-site scripting vulnerability in Advanced Custom Fields versions 6.1.0 to 6.1.7 and Advanced Custom Fields Pro versions 6.1.0 to 6.1.7 allows a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product with the administrative...

5.4CVSS5.4AI score0.28345EPSS
Exploits0References4
NVD
NVDadded 2023/08/21 9:15 a.m.14 views

CVE-2023-39543

Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.3M MySQL version and LuxCal Web Calendar prior to 5.2.3L SQLite version allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product...

6.1CVSS6.4AI score0.00333EPSS
Exploits0References3
Prion
Prionadded 2023/08/21 9:15 a.m.20 views

Cross site scripting

Cross-site scripting vulnerability in Advanced Custom Fields versions 6.1.0 to 6.1.7 and Advanced Custom Fields Pro versions 6.1.0 to 6.1.7 allows a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product with the administrative...

4.9CVSS5.4AI score0.28345EPSS
Exploits0References4Affected Software1
Prion
Prionadded 2023/08/21 9:15 a.m.19 views

Cross site scripting

Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.3M MySQL version and LuxCal Web Calendar prior to 5.2.3L SQLite version allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product...

5.8CVSS6.5AI score0.00333EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2023/08/21 8:14 a.m.49 views

CVE-2023-39543

CVE-2023-39543 describes a cross-site scripting (XSS) vulnerability in LuxCal Web Calendar. The issue affects LuxCal Web Calendar versions prior to 5.2.3M (MySQL) and prior to 5.2.3L (SQLite). The underlying behavior allows a remote unauthenticated attacker to cause arbitrary script execution in ...

6.1CVSS6.3AI score0.00333EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2023/08/21 8:14 a.m.12 views

CVE-2023-39543

Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.3M MySQL version and LuxCal Web Calendar prior to 5.2.3L SQLite version allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product...

6.8AI score0.00333EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2023/08/21 8:14 a.m.12 views

CVE-2023-39543

Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.3M MySQL version and LuxCal Web Calendar prior to 5.2.3L SQLite version allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product...

6.9AI score0.00333EPSS
Exploits0References3
Rows per page
Query Builder