Lucene search
+L

48 matches found

RedhatCVE
RedhatCVE
added 2025/02/08 4:32 a.m.9 views

CVE-2024-57498

Cross Site Scripting vulnerability in sayski ForestBlog 20241223 allows a remote attacker to escalate privileges via the article editing function...

4.8CVSS6.7AI score0.00272EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:4 a.m.8 views

CVE-2024-28865

django-wiki is a wiki system for Django. Installations of django-wiki prior to version 0.10.1 are vulnerable to maliciously crafted article content that can cause severe use of server CPU through a regular expression loop. Version 0.10.1 fixes this issue. As a workaround, close off access to crea...

7.5CVSS6.8AI score0.00605EPSS
Exploits0References1
OSV
OSV
added 2025/02/03 8:15 p.m.3 views

CVE-2024-57498

Cross Site Scripting vulnerability in sayski ForestBlog 20241223 allows a remote attacker to escalate privileges via the article editing function...

4.8CVSS5.8AI score0.00272EPSS
Exploits1References2
NVD
NVD
added 2025/02/03 8:15 p.m.18 views

CVE-2024-57498

Cross Site Scripting vulnerability in sayski ForestBlog 20241223 allows a remote attacker to escalate privileges via the article editing function...

4.8CVSS0.00272EPSS
Exploits1References2
CVE
CVE
added 2025/02/03 12:0 a.m.54 views

CVE-2024-57498

CVE-2024-57498 affects sayski ForestBlog (version 20241223). The vulnerability is a Cross-Site Scripting flaw in the article editing function that can allow a remote attacker to escalate privileges. Affected software/component: ForestBlog 20241223, sayski. Root cause: XSS in article editing. Impa...

4.8CVSS6.5AI score0.00272EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/02/03 12:0 a.m.16 views

CVE-2024-57498

Cross Site Scripting vulnerability in sayski ForestBlog 20241223 allows a remote attacker to escalate privileges via the article editing function...

0.00272EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/02/03 12:0 a.m.10 views

CVE-2024-57498

Cross Site Scripting vulnerability in sayski ForestBlog 20241223 allows a remote attacker to escalate privileges via the article editing function...

5.1AI score0.00272EPSS
Exploits1References2
Snyk
Snyk
added 2024/10/24 7:40 p.m.2 views

Cross-site Scripting (XSS)

Overview baserproject/basercms is a Content management system based on CakePHP. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to improper handling of slugs on the article editing screen. An attacker can manipulate the output of the page by injecting malicious...

7CVSS5.3AI score0.00303EPSS
Exploits0References2
NVD
NVD
added 2024/01/17 6:15 p.m.17 views

CVE-2024-22714

Stupid Simple CMS =1.2.4 is vulnerable to Cross Site Scripting XSS in the editing section of the article content...

6.1CVSS6AI score0.00376EPSS
Exploits1References1
OSV
OSV
added 2024/01/17 6:15 p.m.4 views

CVE-2024-22714

Stupid Simple CMS =1.2.4 is vulnerable to Cross Site Scripting XSS in the editing section of the article content...

6.1CVSS5.8AI score0.00376EPSS
Exploits1References1
CVE
CVE
added 2024/01/17 12:0 a.m.216 views

CVE-2024-22714

Stupid Simple CMS

6.1CVSS5.9AI score0.00376EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/17 12:0 a.m.3 views

CVE-2024-22714

Stupid Simple CMS =1.2.4 is vulnerable to Cross Site Scripting XSS in the editing section of the article content...

6AI score0.00376EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/01/17 12:0 a.m.21 views

CVE-2024-22714

Stupid Simple CMS =1.2.4 is vulnerable to Cross Site Scripting XSS in the editing section of the article content...

6.2AI score0.00376EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/01/17 12:0 a.m.4 views

PT-2024-19534 · Unknown · Stupid Simple Cms

Name of the Vulnerable Software and Affected Versions: Stupid Simple CMS versions =1.2.4 Description: The issue is related to Cross Site Scripting XSS in the editing section of the article content. Recommendations: For Stupid Simple CMS versions =1.2.4, update to a version that contains a fix for...

6.1CVSS5.8AI score0.00376EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/05/01 12:0 a.m.3 views

PT-2023-22347 · Winterchens · My-Site

Name of the Vulnerable Software and Affected Versions: WinterChenS my-site versions before commit 3f0423da6d5200c7a46e200da145c1f54ee18548 Description: The issue allows attackers to inject arbitrary web script or HTML via editing blog articles, which is a Cross Site Scripting XSS vulnerability...

5.4CVSS6.2AI score0.00364EPSS
Exploits1References5
NVD
NVD
added 2021/08/12 11:15 p.m.13 views

CVE-2021-38602

PluXML 5.8.7 allows Article Editing stored XSS via Headline or Content...

4.8CVSS0.00755EPSS
Exploits1References2
Prion
Prion
added 2021/08/12 11:15 p.m.10 views

Cross site scripting

PluXML 5.8.7 allows Article Editing stored XSS via Headline or Content...

3.5CVSS4.7AI score0.00755EPSS
Exploits1References2Affected Software1
UbuntuCve
UbuntuCve
added 2021/08/12 11:15 p.m.21 views

CVE-2021-38602

PluXML 5.8.7 allows Article Editing stored XSS via Headline or Content...

4.8CVSS6AI score0.00755EPSS
Exploits1References3
OSV
OSV
added 2021/08/12 11:15 p.m.4 views

UBUNTU-CVE-2021-38602

PluXML 5.8.7 allows Article Editing stored XSS via Headline or Content...

4.8CVSS6AI score0.00755EPSS
Exploits1References4
CVE
CVE
added 2021/08/12 10:3 p.m.81 views

CVE-2021-38602

CVE-2021-38602 concerns PluXML 5.8.7, where Article Editing via Headline or Content allows stored XSS. The cited description explicitly states a stored XSS in PluXML 5.8.7, and the connected documents reinforce that this is tied to the same vulnerability tracked across multiple sources. The CVE r...

4.8CVSS4.7AI score0.00755EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder