848 matches found
CVE-2026-44541
Fides is an open-source privacy engineering platform. From version 2.33.0 to before version 2.84.5, there is a DOM-based XSS vulnerability in fides.js via the fidesdescription override. This issue has been patched in version 2.84.5...
CVE-2026-6990
A vulnerability was found in projeto-siga siga 11.0.3.18. The affected element is an unknown function of the file /sigawf/app/responsavel/novo. Performing a manipulation of the argument Nome/Descrição results in cross site scripting. The attack can be initiated remotely. The exploit has been made...
Projectworlds Lawyer Management System 代码注入漏洞
The Projectworlds Lawyer Management System is an open-source lawyer management system developed by Projectworlds. Version 1.0 of the Projectworlds Lawyer Management System contains a code injection vulnerability. This vulnerability stems from incorrect handling of the parameter “Description” in t...
CVE-2025-62358
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, the log parameter in configuracaogeral.php is vulnerable to Reflected Cross-Site Scripting XSS. An attacker can inject arbitrary JavaScript, which executes in the victim’s browser. This...
Russian FSB Cross Site Scripting
/! - VULNERABILITY: Cross Site Scripting Federal Security Service of the Russian Federation - Authenticated Persistent XSS - GOOGLE DORK: inurl:fsb.ru/fsb/sh.htm?query= - DATE: 2024-11-29 - SECURITY RESEARCHER: E1.Coders - VENDOR: FSB http://www.fsb.ru/ - SOFTWARE LINK: http://www.fsb.ru/ - CVSS:...
xepcoh.info Cross Site Scripting vulnerability OBB-3958783
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
llm.net.tw Cross Site Scripting vulnerability OBB-3953735
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2024-41354
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via /app/admin/widgets/edit.php...
afg.sk Cross Site Scripting vulnerability OBB-3950773
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2024-41357
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via /app/admin/powerDNS/record-edit.php...
CVE-2024-41356
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via app\admin\firewall-zones\zones-edit-network.php...
CVE-2024-41355
The CVE-2024-41355 entry concerns phpipam 1.6 and a Cross Site Scripting (XSS) vulnerability exploitable through /app/tools/request-ip/index.php. The connected sources confirm the affected product and endpoint but do not provide details on root cause, exploitability status, or a patch/remediation...
CVE-2024-41354
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via /app/admin/widgets/edit.php...
CVE-2024-41355
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via /app/tools/request-ip/index.php...
CVE-2024-41353
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via app\admin\groups\edit-group.php...
CVE-2024-6938
SiYuan 3.1.0 is affected by CVE-2024-6938 in the PDF Handler’s PDF.js functionality. The vulnerability enables cross-site scripting via the PDF.js component, with remote exploitation possible. The PT-2024-37976 entry confirms this affects SiYuan 3.1.0 and attributes the issue to the PDF.js file w...
workbench.sdsc.edu Cross Site Scripting vulnerability OBB-3947811
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
tubbytodd.com.xx3.kz Cross Site Scripting vulnerability OBB-3947322
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
mykts.com Cross Site Scripting vulnerability OBB-3946316
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
carmf.fr Cross Site Scripting vulnerability OBB-3940408
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...