Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:0 a.m.9 views

CVE-2023-29202

XWiki Commons are technical libraries common to several other top level XWiki projects. The RSS macro that is bundled in XWiki included the content of the feed items without any cleaning in the HTML output when the parameter content was set to true. This allowed arbitrary HTML and in particular...

9CVSS6.5AI score0.01393EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-24859

Malware in sbrugna...

5.5CVSS5.3AI score0.00604EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-43108

Malicious code in bioql PyPI...

4.8CVSS5.1AI score0.00501EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/07/18 11:54 a.m.5 views

CVE-2025-52786

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kingdom Creation Media Folder media-folder allows Reflected XSS.This issue affects Media Folder: from n/a through = 1.0.0...

7.1CVSS5.9AI score0.0018EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:18 p.m.5 views

CVE-2022-1336

The Carousel CK WordPress plugin through 1.1.0 does not sanitize and escape Slide's descriptions, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks when unfilteredhtml is disallowed...

4.8CVSS6.1AI score0.00565EPSS
Exploits2References1
Openbugbounty
Openbugbounty
added 2025/04/22 3:56 a.m.21 views

kw3.com Cross Site Scripting vulnerability OBB-4047991

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
CNVD
CNVD
added 2023/12/19 12:0 a.m.8 views

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2023-9998692)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

5.4CVSS7AI score0.00562EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2023/08/14 12:0 a.m.307 views

EasyPX CMS 06.02.04 Cross Site Scripting

==================================================================================================================================== | Title : EasyPX CMS V06.02.04 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2 32-bit | | Vend...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2023/06/19 10:52 a.m.32 views

CVE-2023-0489 SlideOnline <= 1.2.1 - Contributor+ Stored XSS

The SlideOnline WordPress plugin through 1.2.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.5AI score0.00444EPSS
Exploits2References1
Openbugbounty
Openbugbounty
added 2023/05/07 6:33 p.m.9 views

celebrityaddressaerial.com Cross Site Scripting vulnerability OBB-3304521

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Vulnrichment
Vulnrichment
added 2023/02/27 3:24 p.m.7 views

CVE-2023-0548 Namaste! LMS < 2.5.9.4 - Admin+ Stored XSS

The Namaste! LMS WordPress plugin before 2.5.9.4 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5AI score0.00527EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/02/13 2:32 p.m.17 views

CVE-2023-0166 PickPlugins Product Slider for WooCommerce < 1.13.42 - Contributor+ Stored XSS

The Product Slider for WooCommerce by PickPlugins WordPress plugin before 1.13.42 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored...

5.6AI score0.00477EPSS
Exploits2References1
Packet Storm
Packet Storm
added 2018/07/27 12:0 a.m.57 views

WordPress Gwolle Guestbook 2.5.3 Cross Site Scripting

DefenseCode ThunderScan SAST Advisory: WordPress Gwolle Guestbook Plugin XSS Security Vulnerability Advisory ID: DC-2018-05-008 Advisory Title: WordPress Gwolle Guestbook Plugin XSS Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress Gwolle Guestbook...

Exploits0
Openbugbounty
Openbugbounty
added 2016/05/17 2:19 p.m.11 views

nl.yakult.be XSS vulnerability

Open Bug Bounty ID: OBB-154430 Description| Value ---|--- Affected Website:| nl.yakult.be Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Packet Storm
Packet Storm
added 2015/12/17 12:0 a.m.31 views

WordPress Sender 0.7 Cross Site Scripting

Plugin Name : Sender Effected Version : 0.7 and most probably lower version's if any Vulnerability : A3-Cross-Site Scripting XSS Identified by : Madhu Akula Technical Details Minimum Level of Access Required : Administrator PoC - Proof of Concept : The following fields put the payload as below...

7.4AI score
Exploits0
xssed
xssed
added 2012/01/30 12:0 a.m.15 views

Unfixed XSS vulnerability at www.immosprint.com

Security researcher Atmon3r, has submitted on 30/01/2012 a cross-site-scripting XSS vulnerability affecting www.immosprint.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/02/2012. It is currently...

6.6AI score
Exploits0References1
OSV
OSV
added 2006/09/15 7:7 p.m.11 views

CVE-2006-4569

The popup blocker in Mozilla Firefox before 1.5.0.7 opens the "blocked popups" display in the context of the Location bar instead of the subframe from which the popup originated, which might make it easier for remote user-assisted attackers to conduct cross-site scripting XSS attacks...

5.4AI score
Exploits0References29
Exploit DB
Exploit DB
added 2004/01/12 12:0 a.m.21 views

PHPGedView 2.5/2.6 - &#039;login.php?URL&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/11903/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remote attacker to create a malicious...

7.4AI score
Exploits0
Rows per page
Query Builder