4 matches found
Print, PDF, Email by PrintFriendly < 5.2.3 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitise and escape the Custom Button Text settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. PoC: In the plugin's settings, tick 'Custom Button' and put the following...
DEBIAN-CVE-2021-46144
Roundcube before 1.4.13 and 1.5.x before 1.5.2 allows XSS via an HTML e-mail message with crafted Cascading Style Sheets (CSS) token sequences...
Design/Logic Flaw
Roundcube before 1.4.11 allows XSS via crafted Cascading Style Sheets (CSS) token sequences during HTML email rendering...
[eVuln.com] email XSS in SimpLISTic
New eVuln Advisory: email XSS in SimpLISTic Summary: http://evuln.com/vulns/145/summary.html Details: http://evuln.com/vulns/145/description.html -----------Summary----------- eVuln ID: EV0145 Software: SimpLISTic Vendor: Mrcgiguy Version: 2.0 Critical Level: low Type: Cross Site Scripting Status...