237 matches found
Taocms 跨站脚本漏洞
Taocms is a micro Cms content management system in China. Taocms suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data in the WEB application, which can be exploited by attackers to execute client-side code...
GitHub 跨站脚本漏洞
GitHub is a hosting platform for open source and private software projects. A cross-site scripting vulnerability exists in the GitHub repository chatwoot/chatwoot and prior versions, which stems from a lack of proper validation of client-side data by the web application. An attacker can exploit...
chatwoot 跨站脚本漏洞
chatwoot is a software application. Customer Engagement Suite, an open source alternative to Intercom, Zendesk, Salesforce Service Cloud, and more. chatwoot suffers from a cross-site scripting vulnerability that stems from the WEB application's lack of proper validation of client-side data. An...
SPIP SVG Cross-Site Scripting Vulnerability
SPIP is a Web-based content publishing system. A cross-site scripting vulnerability exists in SPIP, which stems from the lack of proper validation of client-side data by the WEB application. An attacker could exploit the vulnerability to execute client-side code...
SPIP interfaces.php cross-site scripting vulnerability
SPIP is a web-based content publishing system. A cross-site scripting vulnerability exists in SPIP, which stems from a lack of proper validation of client-side data in the interfaces.php component of the WEB application. An attacker could exploit this vulnerability to execute client-side code...
livehelperchat 跨站脚本漏洞
livehelperchat is available through Live Helper Chat, which provides free live support on the website. livehelperchat suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data by the WEB application. An attacker could exploit the...
ForestBlog Cross-Site Scripting Vulnerability
ForestBlog is an application. A personal blog. ForestBlog suffers from a cross-site scripting vulnerability that stems from the WEB application's lack of proper validation of client-side data. An attacker can exploit the vulnerability to execute JavaScript code on the client side...
YetiForceCrm Cross-Site Request Forgery Vulnerability (CNVD-2022-08153)
YetiForceCrm is an open source Crm system from the Polish company YetiForce. A cross-site request forgery vulnerability exists in YetiForceCrm prior to version 6.3.0, which stems from a lack of proper validation of client-side data by the WEB application. An attacker could exploit this...
livehelperchat 跨站脚本漏洞
livehelperchat is available through live helper chat and can be used to provide live support on the website for free. Livehelperchat has a cross-site scripting vulnerability in version 3.93 that stems from the lack of proper validation of client-side data in the WEB application. An attacker can...
Construction Industry Solutions Conis Construction Cloud跨站脚本漏洞
Construction Industry Solutions Conis Construction Cloud is an end-to-end cloud and mobile software solution from Construction Industry Solutions, Inc. A cross-site scripting vulnerability exists in Construction Industry Solutions Conis Construction Cloud, which stems from the lack of proper...
showdoc cross-site scripting vulnerability
showdoc is an open source tool ideal for IT teams to share documents online. showdoc suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data by the WEB application. An attacker could exploit the vulnerability to execute client-side code...
AppCMS Cross-Site Scripting Vulnerability (CNVD-2022-08032)
AppCMS is a content management system CMS for mobile application downloads. a cross-site scripting vulnerability exists in AppCMS, which stems from the lack of proper validation of client-side data in the WEB application. An attacker could exploit this vulnerability to execute client-side code...
MediaWiki 跨站脚本漏洞
MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. MediaWiki ShortDescription A cross-site scripting vulnerability exists that stems from a lack of...
pimcore Cross-Site Scripting Vulnerability (CNVD-2022-07497)
Pimcore is an open source Web content management platform for creating and managing Web applications from the Austrian company Pimcore. The platform integrates Web content management, e-commerce frameworks and product information management applications. pimcore has a cross-site scripting...
YetiForceCrm 跨站请求伪造漏洞
YetiForceCrm is an open source Crm system from the Polish company YetiForce. A cross-site request forgery vulnerability exists in YetiForceCrm prior to version 6.3.0, which stems from a lack of proper validation of client-side data by the WEB application. An attacker could exploit this...
Construction Industry Solutions Conis Construction Cloud 跨站脚本漏洞
Construction Industry Solutions Conis Construction Cloud is an end-to-end cloud and mobile software solution from Construction Industry Solutions, Inc. A cross-site scripting vulnerability exists in Construction Industry Solutions Conis Construction Cloud, which stems from the lack of proper...
pimcore Cross-Site Scripting Vulnerability (CNVD-2022-07500)
Pimcore is an open source Web content management platform for creating and managing Web applications from the Austrian company Pimcore. The platform integrates Web content management, e-commerce frameworks and product information management applications.Pimcore has cross-site scripting...
WordPress WP Booking System plugin cross-site scripting vulnerability
WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WordPress WP Booking System plugin has a cross-site scripting vulnerability in versions prior to 2.0.15...
GitLab 跨站脚本漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. GitLab suffers from a cross-site scripting vulnerability that stems from the la...
keystone cross-site scripting vulnerability
Keystone is one of the most powerful Node.js headless Cms. used to help you build and scale faster than any other Cms or application framework. keystone suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data in web applications. An...