48 matches found
CVE-2024-57498
Cross Site Scripting vulnerability in sayski ForestBlog 20241223 allows a remote attacker to escalate privileges via the article editing function...
CVE-2024-28865
django-wiki is a wiki system for Django. Installations of django-wiki prior to version 0.10.1 are vulnerable to maliciously crafted article content that can cause severe use of server CPU through a regular expression loop. Version 0.10.1 fixes this issue. As a workaround, close off access to crea...
CVE-2024-57498
Cross Site Scripting vulnerability in sayski ForestBlog 20241223 allows a remote attacker to escalate privileges via the article editing function...
CVE-2024-57498
Cross Site Scripting vulnerability in sayski ForestBlog 20241223 allows a remote attacker to escalate privileges via the article editing function...
CVE-2024-57498
CVE-2024-57498 affects sayski ForestBlog (version 20241223). The vulnerability is a Cross-Site Scripting flaw in the article editing function that can allow a remote attacker to escalate privileges. Affected software/component: ForestBlog 20241223, sayski. Root cause: XSS in article editing. Impa...
CVE-2024-57498
Cross Site Scripting vulnerability in sayski ForestBlog 20241223 allows a remote attacker to escalate privileges via the article editing function...
CVE-2024-57498
Cross Site Scripting vulnerability in sayski ForestBlog 20241223 allows a remote attacker to escalate privileges via the article editing function...
Cross-site Scripting (XSS)
Overview baserproject/basercms is a Content management system based on CakePHP. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to improper handling of slugs on the article editing screen. An attacker can manipulate the output of the page by injecting malicious...
CVE-2024-22714
Stupid Simple CMS =1.2.4 is vulnerable to Cross Site Scripting XSS in the editing section of the article content...
CVE-2024-22714
Stupid Simple CMS =1.2.4 is vulnerable to Cross Site Scripting XSS in the editing section of the article content...
CVE-2024-22714
Stupid Simple CMS
CVE-2024-22714
Stupid Simple CMS =1.2.4 is vulnerable to Cross Site Scripting XSS in the editing section of the article content...
CVE-2024-22714
Stupid Simple CMS =1.2.4 is vulnerable to Cross Site Scripting XSS in the editing section of the article content...
PT-2024-19534 · Unknown · Stupid Simple Cms
Name of the Vulnerable Software and Affected Versions: Stupid Simple CMS versions =1.2.4 Description: The issue is related to Cross Site Scripting XSS in the editing section of the article content. Recommendations: For Stupid Simple CMS versions =1.2.4, update to a version that contains a fix for...
PT-2023-22347 · Winterchens · My-Site
Name of the Vulnerable Software and Affected Versions: WinterChenS my-site versions before commit 3f0423da6d5200c7a46e200da145c1f54ee18548 Description: The issue allows attackers to inject arbitrary web script or HTML via editing blog articles, which is a Cross Site Scripting XSS vulnerability...
CVE-2021-38602
PluXML 5.8.7 allows Article Editing stored XSS via Headline or Content...
Cross site scripting
PluXML 5.8.7 allows Article Editing stored XSS via Headline or Content...
CVE-2021-38602
PluXML 5.8.7 allows Article Editing stored XSS via Headline or Content...
UBUNTU-CVE-2021-38602
PluXML 5.8.7 allows Article Editing stored XSS via Headline or Content...
CVE-2021-38602
CVE-2021-38602 concerns PluXML 5.8.7, where Article Editing via Headline or Content allows stored XSS. The cited description explicitly states a stored XSS in PluXML 5.8.7, and the connected documents reinforce that this is tied to the same vulnerability tracked across multiple sources. The CVE r...