CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2025/05/23 9:45 a.m.•7 views

CVE-2024-25874

A cross-site scripting XSS vulnerability in the New/Edit Article module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Create Tag text field...

5.4CVSS5.2AI score0.00077EPSS

Exploits1References1

Veracode•added 2024/02/23 6:57 a.m.•11 views

Cross-site Scripting (XSS)

Enhavo is vulnerable to Cross-site Scripting XSS. The vulnerability is due to the Create Tag functionality, allowing attackers to inject arbitrary web scripts or HTML via a crafted payload into the Create Tag field within the New/Edit Article panel...

5.4CVSS6.4AI score0.00077EPSS

Exploits1References3Affected Software1

OSV•added 2024/02/22 3:30 p.m.•10 views

GHSA-38M8-5GFC-663G Enhavo Cross-site Scripting vulnerability

5.4CVSS5.2AI score0.00077EPSS

Exploits1References4

Github Security Blog•added 2024/02/22 3:30 p.m.•14 views

Enhavo Cross-site Scripting vulnerability

5.4CVSS5.7AI score0.00077EPSS

Exploits1References4Affected Software1

NVD•added 2024/02/22 2:15 p.m.•11 views

CVE-2024-25874

5.4CVSS5.5AI score0.00077EPSS

Exploits1References2

Prion•added 2024/02/22 2:15 p.m.•8 views

Cross site scripting

6.1AI score0.00077EPSS

Exploits1References2

Vulnrichment•added 2024/02/22 12:0 a.m.•9 views

CVE-2024-25874

5.2AI score0.00077EPSS

Exploits1References2

Positive Technologies•added 2024/02/22 12:0 a.m.•3 views

PT-2024-21178 · Unknown · Enhavo Cms

Name of the Vulnerable Software and Affected Versions: Enhavo CMS version 0.13.1 Description: A cross-site scripting XSS issue in the New/Edit Article module allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Create Tag text field. Recommendations: F...

5.4CVSS6AI score0.00077EPSS

Exploits1References8

CNNVD•added 2024/02/22 12:0 a.m.•0 views

Enhavo CMS Security Vulnerability

Enhavo CMS is a content management system from Enhavo. A security vulnerability exists in Enhavo CMS version v0.13.1. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a specially crafted payload injected into the Create Tag text field...

5.4CVSS6.7AI score0.00077EPSS

Exploits1References3

Cvelist•added 2024/02/22 12:0 a.m.•12 views

CVE-2024-25874

5.7AI score0.00077EPSS

Exploits1References2

OSV•added 2022/09/21 12:0 a.m.•35 views

GHSA-GM8C-W9CM-C445 Microweber vulnerable to HTML Injection in create tag functionality

HTML injection attack is closely related to Cross-site Scripting XSS. HTML injection uses HTML to deface the page. XSS, as the name implies, injects JavaScript into the page. Both attacks exploit insufficient validation of user input. A patch is available on commit...

6.1CVSS6.2AI score0.00427EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by