Lucene search
K

237 matches found

CNVD
CNVD
added 2022/01/10 12:0 a.m.24 views

github-readme-stats cross-site scripting vulnerability

github-readme-stats is an open source project. github-readme-stats suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data by WEB applications, which can be exploited by attackers to execute client-side code...

6.1CVSS3.9AI score0.00628EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/07 12:0 a.m.21 views

Sourcecodester Vehicle Service Management System Cross-Site Scripting Vulnerability (CNVD-2022-02806)

Sourcecodester Vehicle Service Management System is an open source PHP project. Sourcecodester Vehicle Service Management System has a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data in the WEB application, which can be exploited by attackers t...

4.8CVSS3.5AI score0.01142EPSS
Exploits1References1
CNVD
CNVD
added 2022/01/06 12:0 a.m.24 views

Atlassian Jira Cross-Site Scripting Vulnerability (CNVD-2022-05437)

Atlassian Jira is a defect tracking management system from Atlassian Australia. A cross-site scripting vulnerability exists in Atlassian Jira, which stems from a lack of proper validation of client-side data in the application's /rest/collectors/1.0/template/custom endpoint. An attacker could...

6.1CVSS3.3AI score0.55364EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/01/06 12:0 a.m.5 views

Practo Technologies Insta Hms 跨站脚本漏洞

Practo Technologies Insta Hms is a hospital information system from Practo Technologies, India. Practo Technologies Insta HMS has a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data in the WEB application, which can be exploited by attackers to...

6.1CVSS5.2AI score0.00852EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/01/06 12:0 a.m.6 views

github-readme-stats 跨站脚本漏洞

github-readme-stats is an open source project. github-readme-stats suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data by WEB applications, which can be exploited by attackers to execute client-side code...

6.1CVSS5.3AI score0.00628EPSS
Exploits0References2
CNVD
CNVD
added 2021/12/17 12:0 a.m.27 views

Adobe Experience Manager Cross-Site Scripting Vulnerability

Adobe Experience Manager AEM is a content management solution from Adobe that can be used to build websites, mobile applications and forms. The solution supports mobile content management, marketing and sales campaign management, and multi-site management, etc. A cross-site scripting vulnerabilit...

4.3CVSS2.4AI score0.01593EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2021/12/17 12:0 a.m.23 views

Adobe Experience Manager Cross-Site Scripting Vulnerability (CNVD-2022-04999)

Adobe Experience Manager AEM is a content management solution from Adobe that can be used to build websites, mobile applications and forms. The solution supports mobile content management, marketing and sales campaign management, and multi-site management, etc. A cross-site scripting vulnerabilit...

8.1CVSS2.4AI score0.01593EPSS
Exploits0References1
CNVD
CNVD
added 2021/12/17 12:0 a.m.25 views

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2021-102798)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

6.1CVSS6.1AI score0.01408EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/12/14 12:0 a.m.5 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

6.1CVSS5.3AI score0.01408EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/12/14 12:0 a.m.3 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager AEM is a content management solution from Adobe that can be used to build websites, mobile applications and forms. The solution supports mobile content management, marketing and sales campaign management, and multi-site management, etc. A cross-site scripting vulnerabilit...

8.1CVSS5.3AI score0.01593EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/12/08 12:0 a.m.5 views

Knime Server 跨站脚本漏洞

A cross-site scripting vulnerability exists in Knime, the Swiss company's enterprise software for putting data science workflows into production. knime stems from the lack of proper validation of client-side data by the WEB application, which can be exploited by attackers to execute client-side...

8.8CVSS5.2AI score0.00734EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/12/07 12:0 a.m.6 views

Esri ArcGIS 跨站脚本漏洞

Esri Arcgis Server is a Web-oriented enterprise software platform that can be used to provide geolocation services from Esri Corporation. A cross-site scripting vulnerability exists in Esri ArcGIS that stems from a lack of proper validation of client-side data by the WEB application. An attacker...

6.1CVSS6.1AI score0.00784EPSS
Exploits0References3
CNVD
CNVD
added 2021/11/24 12:0 a.m.34 views

JetBrains YouTrack Cross-Site Scripting Vulnerability

JetBrains YouTrack is a browser-based bug tracking and project management software from JetBrains Czech Republic. The software has features such as bug tracking, creating workflows and monitoring project progress. A cross-site scripting vulnerability exists in JetBrains YouTrack, which stems from...

3.5CVSS1.7AI score0.00634EPSS
Exploits0Affected Software2
CNNVD
CNNVD
added 2021/11/23 12:0 a.m.5 views

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. WordPress Slideshow Gallery suffers from a...

4.8CVSS5.1AI score0.00598EPSS
Exploits2References2
CNNVD
CNNVD
added 2021/11/23 12:0 a.m.5 views

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress Slick Slider suffers from a cross-site scripting vulnerability that stems from the WEB...

5.4CVSS5.6AI score0.00604EPSS
Exploits2References2
CNVD
CNVD
added 2021/11/12 12:0 a.m.18 views

JetBrains YouTrack Cross-Site Scripting Vulnerability (CNVD-2021-91660)

JetBrains YouTrack, a browser-based bug tracking and project management software from JetBrains Czech Republic, is vulnerable to a cross-site scripting vulnerability in versions prior to JetBrains YouTrack 2021.3.24402. The vulnerability stems from the lack of proper validation of client-side dat...

5.4CVSS2.2AI score0.00546EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/11/08 12:0 a.m.4 views

SourceCodester Tailor Management 跨站脚本漏洞

SourceCodester Tailor Management is an open source tailor management system software from the individual developer Warren Daloyan. A security vulnerability exists in SourceCodester Tailor Management, which stems from a lack of proper validation of client-side data in the web application. An...

6.1CVSS6.4AI score0.00641EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/11/08 12:0 a.m.5 views

JetBrains YouTrack 跨站脚本漏洞

JetBrains YouTrack is a browser-based bug tracking and project management software from JetBrains Czech Republic. The software has features such as bug tracking, creating workflows and monitoring project progress. A cross-site scripting vulnerability exists in JetBrains YouTrack, which stems from...

5.4CVSS5.3AI score0.00634EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/11/05 12:0 a.m.11 views

PHP Event Calendar 跨站脚本漏洞

PHP Event Calendar is an open source AJAX-based multi-user modern event calendar . It is easy to integrate and fully customizable. PHP Event Calendar Lite Edition suffers from a cross-site scripting vulnerability. The vulnerability stems from a lack of proper validation of client-side data by the...

6.1CVSS6.1AI score0.00864EPSS
Exploits3References4
CNVD
CNVD
added 2021/10/28 12:0 a.m.16 views

MyBB Cross-Site Scripting Vulnerability (CNVD-2021-103573)

MyBB is a free and web-based forum software developed by MyBB team using PHP and MySQL. MyBB has a cross-site scripting vulnerability in versions prior to 1.8.28, which stems from the lack of proper validation of client-side data in the template name displayed in the theme management of the WEB...

5.4CVSS1.9AI score0.00477EPSS
Exploits0References1
Rows per page
Query Builder