Lucene search
K

237 matches found

CNVD
CNVD
added 2020/06/22 12:0 a.m.3 views

Mattermost Server Cross-Site Scripting Vulnerability (CNVD-2020-35333)

Mattermost Server is the United States Mattermost company's set of open source messaging platform. A cross-site scripting vulnerability exists in Mattermost Server versions prior to 2.2.0. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An...

6.1CVSS6.3AI score0.00685EPSS
Exploits0References1
CNVD
CNVD
added 2020/06/16 12:0 a.m.7 views

WordPress wpForo Forum plugin cross-site scripting vulnerability

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. wpForo Forum plugin is a forum plugin used in it. A cross-site scripting vulnerability exists in WordPress wpForo Forum...

6.1CVSS6.2AI score0.00934EPSS
Exploits1References1
CNVD
CNVD
added 2020/06/16 12:0 a.m.11 views

WordPress wpForo Forum plugin cross-site scripting vulnerability (CNVD-2021-24375)

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. wpForo Forum plugin is a forum plugin used in it. A cross-site scripting vulnerability exists in WordPress wpForo Forum...

4.8CVSS6.2AI score0.00709EPSS
Exploits2References1
CNVD
CNVD
added 2020/06/11 12:0 a.m.2 views

Micro Focus ArcSight Management Center Cross-Site Scripting Vulnerability (CNVD-2020-34713)

Micro Focus ArcSight Management Center ArcMC is a security management center from Micro Focus UK that centrally manages ArcSight e.g. HPArcSightLogger, etc. deployments through a unified interface. A cross-site scripting vulnerability exists in Micro Focus ArcSight Management Center. The...

5.4CVSS6.3AI score0.0051EPSS
Exploits0References1
CNVD
CNVD
added 2020/06/08 12:0 a.m.6 views

Pixel & Tonic Craft CMS Comments plugin cross-site scripting vulnerability

Pixel & Tonic Craft CMS is the U.S. Pixel & Tonic company's set of content management system CMS. Comments plugin is one of the code comment generation plugin. A cross-site scripting vulnerability exists in the Pixel & Tonic Craft CMS Comments plugin. The vulnerability stems from a lack of proper...

5.4CVSS6.6AI score0.0054EPSS
Exploits0References1
CNVD
CNVD
added 2020/06/05 12:0 a.m.2 views

IBM Security Guardium Cross-Site Scripting Vulnerability (CNVD-2020-32644)

IBM Security Guardium is a suite of platforms from IBM in the United States that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. A cross-site scripting vulnerability exists in IBM Security Guardium...

6.1CVSS6.4AI score0.0073EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/25 12:0 a.m.1 views

Grafana Cross-Site Scripting Vulnerability (CNVD-2020-31669)

Grafana is a set of open source monitoring tools from Grafana Labs that provide a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. Grafana suffers from a cross-site scripting vulnerability. The vulnerability stems fro...

6.1CVSS6.6AI score0.0182EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/22 12:0 a.m.1 views

ocProducts Composr CMS Cross-Site Scripting Vulnerability

ocProducts Composr CMS is the UK ocProducts company's set of open source content management system CMS written in PHP language . A cross-site scripting vulnerability exists in ocProducts Composr CMS version 10.0.30. The vulnerability stems from a lack of proper validation of client-side data by t...

5.4CVSS6.5AI score0.00652EPSS
Exploits4References1
CNVD
CNVD
added 2020/05/20 12:0 a.m.78 views

jQuery cross-site scripting vulnerability (CNVD-2021-28270)

jQuery is the United States John Resig programmer of a set of open source , cross-browser JavaScript library . The library simplifies the operation between HTML and JavaScript , and has a modular , plug-in extensions and other features . A cross-site scripting vulnerability exists in versions of...

6.1CVSS6.4AI score0.06273EPSS
Exploits4References1
CNVD
CNVD
added 2020/05/18 12:0 a.m.2 views

Estsoft ALSong Cross-Site Scripting Vulnerability

Eastsoft ALSong is a music player from the Korean company Eastsoft. A cross-site scripting vulnerability exists in Eastsoft ALSong 3.46 and earlier versions, which stems from a lack of proper validation of client-side data by the WEB application and can be exploited by an attacker to execute...

6.1CVSS6.3AI score0.00631EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/14 12:0 a.m.2 views

TYPO3 SVG Sanitizer Component Cross-Site Scripting Vulnerability

TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Association. A cross-site scripting vulnerability exists in the SVG Sanitizer component in TYPO3 1.0.2 and earlier versions. The vulnerability stems from a lack of proper validation of client-side data ...

5.4CVSS6.4AI score0.0054EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/08 12:0 a.m.1 views

UliCMS Cross-Site Scripting Vulnerability (CNVD-2020-35501)

UliCMS is an open source content management system CMS. The system supports features such as access control and WYSIWYG editing. A cross-site scripting vulnerability exists in UliCMS versions prior to 2020.2. The vulnerability stems from a lack of proper validation of client-side data by the WEB...

6.1CVSS6.3AI score0.01186EPSS
Exploits1References1
CNVD
CNVD
added 2020/05/06 12:0 a.m.4 views

Dell EMC RSA Archer Cross-Site Scripting Vulnerability

Dell EMC RSA Archer is an enterprise IT governance and compliance governance product from Dell USA. The product enables the development of eGRC programs for managing enterprise risk, automating business processes, and more. A cross-site scripting vulnerability exists in versions prior to Dell EMC...

8.2CVSS6.3AI score0.00862EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/26 12:0 a.m.2 views

Grafana Cross-Site Scripting Vulnerability (CNVD-2020-31592)

Grafana is a set of open source monitoring tools from Grafana Labs that provide a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. A cross-site scripting vulnerability exists in Grafana versions prior to 6.7.3. The...

6.1CVSS6.7AI score0.01946EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/21 12:0 a.m.21 views

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2021-59152)

NETGEAR M4300-28G and others are a managed switch from NETGEAR, Inc. A cross-site scripting vulnerability exists in several NETGEAR products. The vulnerability stems from the lack of proper validation of client-side data by the WEB application. An attacker could exploit the vulnerability to execu...

5.2CVSS3.9AI score0.0042EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/21 12:0 a.m.16 views

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2021-59153)

NETGEAR M4300-28G and others are a managed switch from NETGEAR, Inc. A cross-site scripting vulnerability exists in several NETGEAR products. The vulnerability stems from the lack of proper validation of client-side data by the WEB application. An attacker could exploit the vulnerability to execu...

7.8CVSS3.9AI score0.00642EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/21 12:0 a.m.2 views

bitcoin-abe Cross-Site Scripting Vulnerability

bitcoin-abe is a blockchain browser. The product is able to read bitcoin block files and it supports converting and loading data into a database. A cross-site scripting vulnerability exists in the call in the abe.py file in bitcoin-abe versions 0.7.2 and earlier and 0.8pre and earlier. The...

6.1CVSS6.3AI score0.01215EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/20 12:0 a.m.3 views

Tenable Network Security Tenable.Sc Cross-Site Scripting Vulnerability

Tenable Network Security Tenable.Sc is a vulnerability analysis solution from Tenable Network Security, USA. The product supports real-time vulnerability assessment and management, among other things. A cross-site scripting vulnerability exists in Tenable Network Security Tenable.Sc versions prio...

5.4CVSS6.4AI score0.00622EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/17 12:0 a.m.1 views

NETGEAR WAC510 Cross-Site Scripting Vulnerability

The NETGEAR WAC510 is a wireless access point AP from NETGEAR. A cross-site scripting vulnerability exists in the NETGEAR WAC510 prior to version 8.0.1.3, which stems from a lack of proper validation of client-side data by the WEB application and can be exploited by an attacker to execute...

5.2CVSS6.4AI score0.00444EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/17 12:0 a.m.3 views

NETGEAR R9000 Cross-Site Scripting Vulnerability

The NETGEAR R9000 is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in the NETGEAR R9000 prior to version 1.0.4.26, which stems from a lack of proper validation of client-side data by the WEB application and can be exploited by an attacker to execute client-side code...

7.4CVSS6.4AI score0.00476EPSS
Exploits0References1
Rows per page
Query Builder