Lucene search
K

237 matches found

CNVD
CNVD
added 2020/09/21 12:0 a.m.3 views

Drupal core cross-site scripting vulnerability (CNVD-2020-65151)

Drupal core is a free, open source content management system developed in PHP by the Drupal community. A cross-site scripting vulnerability exists in Drupal core. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this...

6.1CVSS6.5AI score0.00643EPSS
Exploits0References1
CNVD
CNVD
added 2020/09/16 12:0 a.m.2 views

Rukovoditel Cross-Site Scripting Vulnerability (CNVD-2020-52204)

Rukovoditel is a set of Web-based open source project management software from the Rukovoditel team. The software has project management , customer relationship management and other functions . A cross-site scripting vulnerability exists in Rukovoditel Project Managemen versions prior to 2.6, whi...

6.1CVSS6.4AI score0.00864EPSS
Exploits0References1
CNVD
CNVD
added 2020/09/15 12:0 a.m.3 views

KaiOS Note Cross-Site Scripting Vulnerability

KaiOS is a Linux-based mobile operating system. A cross-site scripting vulnerability exists in KaiOS version 2.5. The vulnerability stems from the lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...

4.4CVSS6.4AI score0.00405EPSS
Exploits0References1
CNVD
CNVD
added 2020/09/15 12:0 a.m.1 views

KaiOS Recorder Cross-Site Scripting Vulnerability

KaiOS is a Linux-based mobile operating system. A cross-site scripting vulnerability exists in KaiOS version 2.5. The vulnerability stems from the lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...

4.4CVSS6.4AI score0.00405EPSS
Exploits0References1
CNVD
CNVD
added 2020/09/10 12:0 a.m.2 views

Microsoft SharePoint Cross-Site Scripting Vulnerability (CNVD-2020-63723)

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A cross-site scriptin...

6.3CVSS6.1AI score0.01991EPSS
Exploits0References1
CNVD
CNVD
added 2020/09/04 12:0 a.m.5 views

IBM WebSphere Cross-Site Scripting Vulnerability (CNVD-2021-10829)

IBM WebSphere Application Server WAS is an application server product from IBM in the United States. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. A cross-site scripting attack vulnerability exists in IBM WebSphere...

6.1CVSS5.9AI score0.00921EPSS
Exploits0References1
CNVD
CNVD
added 2020/08/17 12:0 a.m.5 views

vBulletin Cross-Site Scripting Vulnerability

vBulletin is the United States InternetBrands and vBulletinSolutions, Inc. of a PHP and MySQL-based open source Web forum program . A cross-site scripting vulnerability exists in vBulletin version 5.x. The vulnerability stems from the lack of proper validation of client-side data by the WEB...

9.8CVSS6.4AI score0.46031EPSS
Exploits3References1
CNVD
CNVD
added 2020/08/12 12:0 a.m.2 views

SOPlanning Cross-Site Scripting Vulnerability

SOPlanning is an online project management software. A cross-site scripting vulnerability exists in SOPlanning version 1.46.01. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this vulnerability to execute client-side co...

5.4CVSS6.4AI score0.00539EPSS
Exploits1References1
CNVD
CNVD
added 2020/08/06 12:0 a.m.2 views

Jeedom Cross-Site Scripting Vulnerability

Jeedom is an open source home automation solution for the Internet of Things. A cross-site scripting vulnerability exists in Jeedom 4.0.38 and earlier versions. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the...

6.1CVSS6.3AI score0.03587EPSS
Exploits1References1
CNVD
CNVD
added 2020/08/05 12:0 a.m.2 views

Plesk Onyx Cross-Site Scripting Vulnerability

Plesk Onyx is a hosting control panel from the Swiss company Plesk. A cross-site scripting vulnerability exists in Plesk Onyx version 17.8.11. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to execute...

6.1CVSS6.4AI score0.00905EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/31 12:0 a.m.3 views

Nagios Log Server Cross-Site Scripting Vulnerability (CNVD-2020-43761)

Nagios Log Server is a set of centralized log management, monitoring and analysis software from Nagios, Inc. A cross-site scripting vulnerability exists in Nagios Log Server versions prior to 2.1.7. The vulnerability stems from the lack of proper validation of client-side data by the WEB...

5.4CVSS6.3AI score0.14414EPSS
Exploits3References1
CNVD
CNVD
added 2020/07/30 12:0 a.m.3 views

KonaWiki Cross-Site Scripting Vulnerability

KonaWiki is a lightweight Wiki system. The system is primarily used for writing manuscripts, keeping minutes and memos, etc. A cross-site scripting vulnerability exists in KonaWiki 2.2.0 and earlier versions. The vulnerability stems from the WEB application lacking proper validation of client-sid...

6.1CVSS6.4AI score0.0106EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/28 12:0 a.m.2 views

Elasticsearch Kibana Cross-Site Scripting Vulnerability (CNVD-2020-49490)

Elasticsearch Kibana is a suite of open source, browser-based analytics and search Elasticsearch dashboard tools from Elasticsearch Netherlands. A cross-site scripting vulnerability exists in Elasticsearch Kibana versions prior to 6.8.11 and prior to 7.8.1. The vulnerability stems from the WEB...

6.7CVSS8.7AI score0.0122EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/28 12:0 a.m.2 views

SilverStripe Cross-Site Scripting Vulnerability (CNVD-2020-42956)

SilverStripe is New Zealand SilverStripe company's set of open source programming framework and content management system CMS. The system has support for multiple languages , cross-platform and other features . Silverstripe 4.5 and previous versions of cross-site scripting vulnerability. The...

5.4CVSS6.5AI score0.00556EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/17 12:0 a.m.1 views

IBM Team Concert Cross-Site Scripting Vulnerability

IBM Team Concert RTC is a set of scalable team collaboration platform from IBM in the United States. The platform includes features such as task tracking, source code control, automated builds, change management, and agile planning and continuous builds. A cross-site scripting vulnerability exist...

5.4CVSS6.2AI score0.00561EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/08 12:0 a.m.8 views

TYPO3 ke_search extension cross-site scripting vulnerability

TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Association. kesearch extension is one of the search engine extensions. A cross-site scripting vulnerability exists in TYPO3 kesearch extension. The vulnerability stems from the WEB application lacking...

5.4CVSS6.1AI score0.00555EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/08 12:0 a.m.2 views

Victor CMS Cross-Site Scripting Vulnerability (CNVD-2020-61026)

Victor CMS is an open source content management system from Victor Alagwu Software Developers in Nigeria. A cross-site scripting vulnerability exists in Victor CMS 2019-02-28 and prior versions. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. A...

6.1CVSS6.4AI score0.02114EPSS
Exploits2
CNVD
CNVD
added 2020/07/06 12:0 a.m.2 views

WordPress Vanguard Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.Vanguard is one of the freelance website theme plugins used in it. A cross-site scripting vulnerability exists in...

6.1CVSS6.3AI score0.01167EPSS
Exploits2References1
CNVD
CNVD
added 2020/07/02 12:0 a.m.6 views

TileServer GL Cross-Site Scripting Vulnerability

TileServer GL is an open source map server for vector blocks from the MapTiler team. A cross-site scripting vulnerability exists in the server.js file in TileServer GL 3.0.0 and earlier versions. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. ...

6.1CVSS6.1AI score0.12224EPSS
Exploits3References1
CNVD
CNVD
added 2020/06/23 12:0 a.m.14 views

webTareas Cross-Site Scripting Vulnerability

webTareas is a web-based open source collaboration tool. The product supports features such as project management, bug tracking, content management and meeting management. A cross-site scripting vulnerability exists in the loginForm in the general/login.php page in webTareas version 2.0p8. The...

6.1CVSS6AI score0.01159EPSS
Exploits1References1
Rows per page
Query Builder