Lucene search
+L

12 matches found

vulnersOsv
vulnersOsv
added 2025/07/16 4:57 a.m.5 views

org.webjars.npm:gip-recia__esco-content-menu (=0.3.4), org.webjars.npm:gip-recia__eyebrow-user-info (=0.6.2) +3 more potentially affected by CVE-2025-53892 via org.webjars.npm:vue-i18n (>=9.0.0-rc.9 <=9.14.3)

org.webjars.npm:vue-i18n MAVEN version =9.0.0-rc.9, =0.0.1, =1.12.0, =1.12.0, =1.40.2 Source cves: CVE-2025-53892 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-10771083...

5.3CVSS5.8AI score0.00676EPSS
Exploits0
VulnCheck KEV
VulnCheck KEV
added 2025/06/07 12:0 a.m.3 views

VulnCheck KEV: CVE-2023-46732

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki is vulnerable to reflected cross-site scripting RXSS via the rev parameter that is used in the content of the content menu without escaping. If an attacker can convince a user to...

9.6CVSS5.7AI score0.02191EPSS
Exploits1References1
OSV
OSV
added 2023/11/08 2:51 p.m.22 views

GHSA-J9RC-W3WV-FV62 XWiki Platform vulnerable to reflected cross-site scripting through revision parameter in content menu

Impact XWiki is vulnerable to reflected cross-site scripting RXSS via the rev parameter that is used in the content of the content menu without escaping. If an attacker can convince a user to visit a link with a crafted parameter, this allows the attacker to execute arbitrary actions in the name ...

9.6CVSS7.7AI score0.02191EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2023/11/06 6:45 p.m.9 views

CVE-2023-46732 Reflected Cross-site scripting through revision parameter in content menu in XWiki Platform

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki is vulnerable to reflected cross-site scripting RXSS via the rev parameter that is used in the content of the content menu without escaping. If an attacker can convince a user to visit a...

9.6CVSS9.1AI score0.02191EPSS
Exploits1References3
OSV
OSV
added 2023/09/16 12:15 a.m.8 views

CVE-2023-41436

Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component...

5.4CVSS6.1AI score0.00473EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/09/16 12:15 a.m.7 views

CVE-2023-41436

Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component...

5.4CVSS6.5AI score0.00473EPSS
Exploits1References2
Prion
Prion
added 2023/09/16 12:15 a.m.21 views

Cross site scripting

Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component...

4.9CVSS5.6AI score0.00473EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2023/09/15 12:0 a.m.7 views

CSZCMS Cross-Site Scripting Vulnerability

CSZCMS is an open source web application that allows managing all content and settings on a website. A security vulnerability exists in CSZCMS version v.1.3.0, which originates from a cross-site scripting vulnerability in the Additional Meta Tag parameter of the Pages Content Menu component...

5.4CVSS6.1AI score0.00473EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/09/15 12:0 a.m.29 views

CVE-2023-41436

Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component...

5.9AI score0.00473EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/09/15 12:0 a.m.12 views

CVE-2023-41436

Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component...

6.9AI score0.00473EPSS
Exploits1References1
OSV
OSV
added 2021/03/23 1:54 a.m.17 views

GHSA-X7HC-X7FM-F7QH Cross-Site Scripting in Content Preview (CType menu)

Problem It has been discovered that content elements of type menu are vulnerable to cross-site scripting when their referenced items get previewed in the page module. A valid backend user account is needed to exploit this vulnerability. Solution Update to TYPO3 versions 7.6.51, 8.7.40, 9.5.25,...

5.4CVSS5AI score0.00872EPSS
Exploits0References6
NVD
NVD
added 2009/09/03 5:30 p.m.14 views

CVE-2009-3056

PHP remote file inclusion vulnerability in include/engine/content/elements/menu.php in KingCMS 0.6.0 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIGAdminPath parameter...

7.5CVSS7.5AI score0.02086EPSS
Exploits0References1
Rows per page
Query Builder