Lucene search
K

66 matches found

NVD
NVD
added 2026/06/09 5:16 a.m.13 views

CVE-2026-41846

Spring MVC applications which accept user-supplied values in the cssClass, cssErrorClass, or cssStyle attributes of JSP form tags allow arbitrary HTML/JavaScript code injection, potentially resulting in a cross-site scripting XSS vulnerability. Affected versions: Spring Framework 7.0.0 through...

6.1CVSS0.0014EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Spring Framework 跨站脚本漏洞

The Spring Framework is an application development framework developed by Spring in open source. Versions 7.0.0 to 7.0.7, 6.2.0 to 6.2.18, 6.1.0 to 6.1.27, and 5.3.0 to 5.3.48 have cross-site scripting vulnerabilities. These vulnerabilities stem from the cssClass, cssErrorClass, or cssStyle...

6.1CVSS5.2AI score0.0014EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.19 views

PT-2026-47657

Name of the Vulnerable Software and Affected Versions Spring Framework versions 7.0.0 through 7.0.7 Spring Framework versions 6.2.0 through 6.2.18 Spring Framework versions 6.1.0 through 6.1.27 Spring Framework versions 5.3.0 through 5.3.48 Description Spring MVC applications that accept...

6.1CVSS5AI score0.0014EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/01/09 10:9 a.m.12 views

CVE-2019-11886

The WaspThemes Visual CSS Style Editor aka yellow-pencil-visual-theme-customizer plugin before 7.2.1 for WordPress allows ypoptionupdate CSRF, as demonstrated by use of ypremoteget to obtain admin access...

8.8CVSS6.9AI score0.0189EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-11846

Malware in sbrugna...

6.1CVSS6.2AI score0.01397EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2010-1420

Malware in sbrugna...

9.3CVSS6AI score0.06691EPSS
Exploits0References27
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2004-1865

Malware in sbrugna...

4.3CVSS6.4AI score0.0181EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.18 views

EUVD-2022-36997

Malicious code in bioql PyPI...

4.8CVSS6.4AI score0.00352EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:36 a.m.51 views

CVE-2022-33961

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WaspThemes Visual CSS Style Editor plugin = 7.5.8 versions...

4.8CVSS5.6AI score0.00352EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:24 p.m.4 views

CVE-2021-24934

The Visual CSS Style Editor WordPress plugin before 7.5.4 does not sanitise and escape the wyppagetype parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting issue...

6.1CVSS6.2AI score0.01397EPSS
Exploits2References1
Fedora
Fedora
added 2025/02/15 2:37 a.m.11 views

[SECURITY] Fedora 41 Update: nginx-mod-fancyindex-0.5.2-10.fc41

The Fancy Index module makes possible the generation of file listings, like the built-in autoindex module does, but adding a touch of style. This is possible because the module allows a certain degree of customization of the generated content: Custom headers. Either local or stored remotely. Cust...

5.3CVSS6.4AI score0.02557EPSS
Exploits0
Fedora
Fedora
added 2025/02/15 2:23 a.m.13 views

[SECURITY] Fedora 40 Update: nginx-mod-fancyindex-0.5.2-8.fc40

The Fancy Index module makes possible the generation of file listings, like the built-in autoindex module does, but adding a touch of style. This is possible because the module allows a certain degree of customization of the generated content: Custom headers. Either local or stored remotely. Cust...

5.3CVSS6.4AI score0.02557EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 8:20 a.m.8 views

CVE-2024-47348

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in YellowPencil YellowPencil Visual CSS Style Editor yellow-pencil-visual-theme-customizer allows Reflected XSS.This issue affects YellowPencil Visual CSS Style Editor: from n/a through = 7.6.4...

7.1CVSS5.9AI score0.0029EPSS
Exploits0References1
NVD
NVD
added 2024/10/06 11:15 a.m.23 views

CVE-2024-47348

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in YellowPencil YellowPencil Visual CSS Style Editor yellow-pencil-visual-theme-customizer allows Reflected XSS.This issue affects YellowPencil Visual CSS Style Editor: from n/a through = 7.6.4...

7.1CVSS0.0029EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/06 10:28 a.m.16 views

CVE-2024-47348 WordPress Visual CSS Style Editor plugin <= 7.6.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WaspThemes YellowPencil Visual CSS Style Editor allows Reflected XSS.This issue affects YellowPencil Visual CSS Style Editor: from n/a through 7.6.4...

7.1CVSS7AI score0.0029EPSS
Exploits0References1
Fedora
Fedora
added 2024/08/26 2:5 a.m.32 views

[SECURITY] Fedora 40 Update: nginx-mod-fancyindex-0.5.2-7.fc40

The Fancy Index module makes possible the generation of file listings, like the built-in autoindex module does, but adding a touch of style. This is possible because the module allows a certain degree of customization of the generated content: Custom headers. Either local or stored remotely. Cust...

5.7CVSS4.6AI score0.0032EPSS
Exploits0
Patchstack
Patchstack
added 2024/08/26 12:0 a.m.15 views

WordPress YellowPencil Visual CSS Style Editor Plugin <= 7.6.1 is vulnerable to Cross Site Scripting (XSS)

Software YellowPencil Visual CSS Style Editor Type Plugin Vulnerable versions = 7.6.1 Fixed in 7.6.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43963 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c8ac87b1f76e Credits Le Ngoc Anh...

7.1CVSS6.5AI score0.00329EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/04/30 8:15 p.m.10 views

CVE-2024-33437

An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information due to missing support for CSS Style Rules...

7.5CVSS6.1AI score0.00757EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/04/30 12:0 a.m.8 views

CVE-2024-33437

An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information due to missing support for CSS Style Rules...

6.5AI score0.00757EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/04/30 12:0 a.m.25 views

CVE-2024-33437

An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information due to missing support for CSS Style Rules...

6.3AI score0.00757EPSS
Exploits1References2
Rows per page
Query Builder