Lucene search
K

5 matches found

Debian
Debian
added 2025/12/30 3:55 p.m.6 views

[SECURITY] [DLA 4428-1] mediawiki security update

Debian LTS Advisory DLA-4428-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin December 30, 2025 https://wiki.debian.org/LTS Package : mediawiki Version : 1:1.35.13-1+deb11u6 CVE ID : CVE-2025-67475 CVE-2025-67478 CVE-2025-67479 CVE-2025-67480 CVE-2025-67481...

9.8CVSS5.9AI score0.00395EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 3:38 a.m.9 views

CVE-2023-28820

Concrete CMS previously concrete5 before 9.1 is vulnerable to stored XSS in RSS Displayer via the href attribute because the link element input was not sanitized...

5.4CVSS5.7AI score0.00393EPSS
Exploits0References1
OSV
OSV
added 2023/04/19 3:9 a.m.9 views

SUSE-SU-2023:1904-1 Security update for grafana

This version update from 8.5.20 to 8.5.22 for grafana fixes the following issues: - Security issues fixed: CVE-2023-1410: Fix XSS in Graphite functions tooltip bsc1209645 CVE-2023-0507: Apply attribute sanitation to GeomapPanel bsc1208821 CVE-2023-0594: Avoid storing XSS in TraceView panel...

7.3CVSS6.3AI score0.1546EPSS
Exploits1References7
WPVulnDB
WPVulnDB
added 2021/12/20 12:0 a.m.18 views

ACF Photo Gallery Field < 1.7.5 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the post parameter in the includes/acfphotogallerymetaboxedit.php file before outputing back in an attribute, leading to a Reflected Cross-Site Scripting issue PoC...

6.1CVSS0.7AI score0.008EPSS
Exploits2Affected Software1
Prion
Prion
added 2021/05/17 5:15 p.m.15 views

Cross site scripting

The tab parameter of the settings page of the All 404 Redirect to Homepage WordPress plugin before 1.21 was vulnerable to an authenticated reflected Cross-Site Scripting XSS issue as user input was not properly sanitised before being output in an attribute...

3.5CVSS5.1AI score0.0062EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder