12 matches found
org.webjars.npm:gip-recia__esco-content-menu (=0.3.4), org.webjars.npm:gip-recia__eyebrow-user-info (=0.6.2) +3 more potentially affected by CVE-2025-53892 via org.webjars.npm:vue-i18n (>=9.0.0-rc.9 <=9.14.3)
org.webjars.npm:vue-i18n MAVEN version =9.0.0-rc.9, =0.0.1, =1.12.0, =1.12.0, =1.40.2 Source cves: CVE-2025-53892 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-10771083...
VulnCheck KEV: CVE-2023-46732
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki is vulnerable to reflected cross-site scripting RXSS via the rev parameter that is used in the content of the content menu without escaping. If an attacker can convince a user to...
GHSA-J9RC-W3WV-FV62 XWiki Platform vulnerable to reflected cross-site scripting through revision parameter in content menu
Impact XWiki is vulnerable to reflected cross-site scripting RXSS via the rev parameter that is used in the content of the content menu without escaping. If an attacker can convince a user to visit a link with a crafted parameter, this allows the attacker to execute arbitrary actions in the name ...
CVE-2023-46732 Reflected Cross-site scripting through revision parameter in content menu in XWiki Platform
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki is vulnerable to reflected cross-site scripting RXSS via the rev parameter that is used in the content of the content menu without escaping. If an attacker can convince a user to visit a...
CVE-2023-41436
Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component...
CVE-2023-41436
Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component...
Cross site scripting
Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component...
CSZCMS Cross-Site Scripting Vulnerability
CSZCMS is an open source web application that allows managing all content and settings on a website. A security vulnerability exists in CSZCMS version v.1.3.0, which originates from a cross-site scripting vulnerability in the Additional Meta Tag parameter of the Pages Content Menu component...
CVE-2023-41436
Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component...
CVE-2023-41436
Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component...
GHSA-X7HC-X7FM-F7QH Cross-Site Scripting in Content Preview (CType menu)
Problem It has been discovered that content elements of type menu are vulnerable to cross-site scripting when their referenced items get previewed in the page module. A valid backend user account is needed to exploit this vulnerability. Solution Update to TYPO3 versions 7.6.51, 8.7.40, 9.5.25,...
CVE-2009-3056
PHP remote file inclusion vulnerability in include/engine/content/elements/menu.php in KingCMS 0.6.0 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIGAdminPath parameter...