Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

868 matches found

CNVD
CNVDadded 2020/09/02 12:0 a.m.7 views

WordPress Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. give is a plugin for fundraising platforms. htaccess is an access control plugin. relevant is a plugin for displaying relevant content...

5.3CVSS6.2AI score0.02812EPSS
Exploits0References1
OSV
OSVadded 2020/09/01 4:41 p.m.1140 views

GHSA-2PQJ-H3VJ-PQGW Cross-Site Scripting in jquery

Affected versions of jquery are vulnerable to cross-site scripting. This occurs because the main jquery function uses a regular expression to differentiate between HTML and selectors, but does not properly anchor the regular expression. The result is that jquery may interpret HTML as selectors wh...

6.1CVSS6.2AI score0.00902EPSS
Exploits6References22
RubySec
RubySecadded 2020/09/01 12:0 a.m.28 views

Cross-Site Scripting in jquery

Affected versions of jquery are vulnerable to cross-site scripting. This occurs because the main jquery function uses a regular expression to differentiate between HTML and selectors, but does not properly anchor the regular expression. The result is that jquery may interpret HTML as selectors wh...

6.1CVSS6.6AI score0.00902EPSS
Exploits6References1Affected Software1
CNVD
CNVDadded 2020/08/27 12:0 a.m.3 views

IBM Security Guardium Cross-Site Scripting Vulnerability (CNVD-2020-50543)

IBM Security Guardium is a suite of platforms from IBM in the United States that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. A cross-site scripting vulnerability exists in IBM Security Guardium...

5.3CVSS6.3AI score0.00075EPSS
Exploits0References1
CNVD
CNVDadded 2020/08/26 12:0 a.m.1 views

Adagency Cross-Site Scripting Vulnerability in Joomla!

Joomla! is an open source content management system CMS, the system provides RSS feeds, site search and other functions. Adagency cross-site scripting vulnerability in Joomla! An attacker can exploit this vulnerability to execute client-side code...

6.4AI score
Exploits0References1
CNVD
CNVDadded 2020/08/12 12:0 a.m.1 views

GitLab Cross-Site Scripting Vulnerability (CNVD-2020-46489)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A cross-site scripting vulnerability exists in Issues in...

7.3CVSS6.3AI score0.00131EPSS
Exploits0References1
CNVD
CNVDadded 2020/08/05 12:0 a.m.1 views

Tiki Cross-Site Scripting Vulnerability (CNVD-2020-44400)

Tiki is a suite of open source content management and portal applications from the Tiki community that can be used to create web applications, portals, corporate intranets, extranets, and more. A cross-site scripting vulnerability exists in versions prior to Tiki 21.2. The vulnerability stems fro...

6.1CVSS6.3AI score0.00359EPSS
Exploits0References1
CNVD
CNVDadded 2020/07/31 12:0 a.m.6 views

TYPO3 dlf extension cross-site scripting vulnerability

TYPO3 is a free and open source content management system framework CMS/CMF from the Swiss TYPO3 Association. dlf extension is one of the digital library extensions. A cross-site scripting vulnerability exists in TYPO3 dlf extension version 3.1.1 and earlier versions, which stems from the lack of...

6.1CVSS6.1AI score0.00275EPSS
Exploits0References1
CNVD
CNVDadded 2020/07/30 12:0 a.m.2 views

KonaWiki cross-site scripting vulnerability (CNVD-2020-43669)

KonaWiki is a lightweight Wiki system. The system is primarily used for writing manuscripts, keeping minutes and memos, etc. A cross-site scripting vulnerability exists in KonaWiki 3.1.0 and earlier versions. The vulnerability stems from the WEB application lacking proper validation of client-sid...

6.1CVSS6.4AI score0.00347EPSS
Exploits0References1
CNVD
CNVDadded 2020/07/29 12:0 a.m.2 views

Teltonika TRB245 Cross-Site Scripting Vulnerability

Teltonika TRB245 is a cellular network gateway product from Teltonika Lithuania. A cross-site scripting vulnerability exists in Teltonika TRB245 using firmware version TRB2R00.02.02. The vulnerability stems from a lack of proper validation of client data by the WEB application. An attacker can...

5.4CVSS6.4AI score0.00157EPSS
Exploits1References1
CNVD
CNVDadded 2020/07/29 12:0 a.m.3 views

HCL Technologies BigFix Platform BigFix WebUI Cross-Site Scripting Vulnerability

HCL Technologies BigFix Platform is a suite of endpoint security management platform from HCL Technologies, India. The platform supports automated discovery, management and remediation of endpoint security issues.HCL BigFix WebUI is a console program for the BigFix Platform. A cross-site scriptin...

5.4CVSS6.4AI score0.00343EPSS
Exploits0References1
CNVD
CNVDadded 2020/07/28 12:0 a.m.2 views

OSIsoft PI Vision Cross-Site Scripting Vulnerability (CNVD-2020-44877)

OSIsoft PI Vision is a suite of visualization tools from OSIsoft, Inc. that supports accessing PI System data from mobile devices. It supports self-configuration of trends, images, data values, and more in order to present data information. A cross-site scripting vulnerability exists in OSIsoft P...

6.5CVSS6.4AI score0.0013EPSS
Exploits0References1
CNVD
CNVDadded 2020/07/27 12:0 a.m.1 views

Mida Solutions eFramework Cross-Site Scripting Vulnerability

Mida Solutions eFramework is a suite of unified communications and collaboration services from Mida Solutions, Italy. A cross-site scripting vulnerability exists in Mida Solutions eFramework version 2.9.0 and earlier. The vulnerability stems from a lack of proper validation of client-side data by...

6.1CVSS6.4AI score0.0021EPSS
Exploits1References1
CNVD
CNVDadded 2020/07/22 12:0 a.m.1 views

SAP Business Objects Business Intelligence Platform Cross-Site Scripting Vulnerability (CNVD-2020-41739)

SAP Business Objects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP, Germany. The product features report generation, analytics, and data visualization. A cross-site scripting vulnerability exists in SAP Business Objects...

6.1CVSS6.3AI score0.00166EPSS
Exploits0References1
CNVD
CNVDadded 2020/07/20 12:0 a.m.2 views

Apache Airflow RBAC Admin Page Cross-Site Scripting Vulnerability

Apache Airflow is the United States Apache Apache Software Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. A cross-site scripting vulnerability exists in the RBAC Admin page in Apac...

5.4CVSS6.4AI score0.00411EPSS
Exploits0References1
Prion
Prionadded 2020/07/17 10:15 p.m.13 views

Cross site scripting

Insufficient output sanitization in Teltonika firmware TRB2R00.02.02 allows a remote, authenticated attacker to conduct persistent cross-site scripting XSS attacks by injecting malicious client-side code into the 'URL/ Host / Connection' form in the 'DATA TO SERVER' configuration section...

3.5CVSS5.2AI score0.00157EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2020/07/17 9:23 p.m.36 views

CVE-2020-5769

Teltonika TRB2 firmware TRB2_R_00.02.02 contains insufficient output sanitization in the WEB application, enabling a remote, authenticated attacker to perform persistent cross-site scripting by injecting malicious client-side code into the DATA TO SERVER fields (URL/Host/Connection). Affected: Te...

5.4CVSS5.1AI score0.00157EPSS
Exploits1References1Affected Software1
CNVD
CNVDadded 2020/07/17 12:0 a.m.1 views

Cross-site scripting vulnerability in WebKit component of multiple Apple products (CNVD-2020-43674)

Apple Safari is a web browser that is the default browser that comes with the Mac OS X and iOS operating systems.Apple iOS is an operating system developed for mobile devices.Apple tvOS is a smart TV operating system. A cross-site scripting vulnerability exists in the WebKit component of several...

6.1CVSS8.7AI score0.00999EPSS
Exploits0References1
CNVD
CNVDadded 2020/07/15 12:0 a.m.1 views

Wordpress Jannah Theme Stored Cross-Site Scripting Vulnerability

WordPress is a blogging platform based on the PHP language, which can be used to set up a website on a server that supports PHP and MySQL databases, and can also be used as a content management system CMS. A stored cross-site scripting vulnerability exists in Wordpress Jannah Theme. An attacker c...

6.1AI score
Exploits0References1
CNVD
CNVDadded 2020/07/09 12:0 a.m.3 views

phpList cross-site scripting vulnerability (CNVD-2020-41811)

phpList is an open source newsletter and email marketing software from phpList UK. A cross-site scripting vulnerability exists in phpList 3.5.4 and earlier versions. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this...

5.4CVSS6.3AI score0.0043EPSS
Exploits1References1
Rows per page
Query Builder