Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:42 a.m.7 views

CVE-2024-37460

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in SuperSaaS SuperSaaS – online appointment scheduling allows Stored XSS.This issue affects SuperSaaS – online appointment scheduling: from n/a through 2.1.9...

6.5CVSS6.8AI score0.00277EPSS
Exploits0References1
NVD
NVD
added 2024/07/21 10:15 p.m.27 views

CVE-2024-37460

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in SuperSaaS SuperSaaS – online appointment scheduling allows Stored XSS.This issue affects SuperSaaS – online appointment scheduling: from n/a through 2.1.9...

6.5CVSS0.00277EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/21 9:36 p.m.21 views

CVE-2024-37460 WordPress SuperSaaS – online appointment scheduling plugin <= 2.1.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in SuperSaaS SuperSaaS – online appointment scheduling allows Stored XSS.This issue affects SuperSaaS – online appointment scheduling: from n/a through 2.1.9...

6.5CVSS0.00277EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/21 9:36 p.m.13 views

CVE-2024-37460 WordPress SuperSaaS – online appointment scheduling plugin <= 2.1.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in SuperSaaS SuperSaaS – online appointment scheduling allows Stored XSS.This issue affects SuperSaaS – online appointment scheduling: from n/a through 2.1.9...

6.5CVSS6.8AI score0.00277EPSS
Exploits0References1
CVE
CVE
added 2024/07/21 9:36 p.m.60 views

CVE-2024-37460

CVE-2024-37460 is a Stored XSS in the WordPress plugin “SuperSaaS – online appointment scheduling” (vulnerable range: from n/a through 2.1.9). The root cause is Improper Neutralization of Input During Web Page Generation, allowing injected scripts to be stored and potentially executed in pages ge...

6.5CVSS6.5AI score0.00277EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/07/01 12:0 a.m.13 views

WordPress SuperSaaS – online appointment scheduling Plugin <= 2.1.9 is vulnerable to Cross Site Scripting (XSS)

Software SuperSaaS – online appointment scheduling Type Plugin Vulnerable versions = 2.1.9 Fixed in 2.1.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37460 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a09268a4b2f3 Credits LVT-tholv2k...

6.5CVSS6.6AI score0.00277EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder