Lucene search
+L

28 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:46 a.m.13 views

CVE-2024-25875

A cross-site scripting XSS vulnerability in the Header module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Undertitle text field...

6.1CVSS5.7AI score0.00424EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:45 a.m.14 views

CVE-2024-25874

A cross-site scripting XSS vulnerability in the New/Edit Article module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Create Tag text field...

5.4CVSS5.2AI score0.00397EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:31 a.m.12 views

CVE-2024-25876

A cross-site scripting XSS vulnerability in the Header module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title text field...

6.1CVSS5.7AI score0.00443EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2024/02/22 3:30 p.m.22 views

Enhavo Cross-site Scripting vulnerability

A cross-site scripting XSS vulnerability in the Header module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title text field...

6.1CVSS5.7AI score0.00443EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2024/02/22 3:30 p.m.13 views

GHSA-38M8-5GFC-663G Enhavo Cross-site Scripting vulnerability

A cross-site scripting XSS vulnerability in the New/Edit Article module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Create Tag text field...

5.4CVSS5.2AI score0.00397EPSS
Exploits1References4
OSV
OSV
added 2024/02/22 3:30 p.m.13 views

GHSA-C579-HHW5-CR3P Enhavo Cross-site Scripting vulnerability

A cross-site scripting XSS vulnerability in the Header module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Undertitle text field...

6.1CVSS5.8AI score0.00424EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2024/02/22 3:30 p.m.26 views

Enhavo Cross-site Scripting vulnerability

A cross-site scripting XSS vulnerability in the Header module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Undertitle text field...

6.1CVSS5.7AI score0.00424EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2024/02/22 3:30 p.m.19 views

Enhavo Cross-site Scripting vulnerability

A cross-site scripting XSS vulnerability in the New/Edit Article module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Create Tag text field...

5.4CVSS5.7AI score0.00397EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2024/02/22 2:15 p.m.30 views

CVE-2024-25876

A cross-site scripting XSS vulnerability in the Header module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title text field...

6.1CVSS5.5AI score0.00443EPSS
Exploits1References2
NVD
NVD
added 2024/02/22 2:15 p.m.15 views

CVE-2024-25874

A cross-site scripting XSS vulnerability in the New/Edit Article module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Create Tag text field...

5.4CVSS5.5AI score0.00397EPSS
Exploits1References2
Prion
Prion
added 2024/02/22 2:15 p.m.13 views

Cross site scripting

A cross-site scripting XSS vulnerability in the New/Edit Article module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Create Tag text field...

6.1AI score0.00397EPSS
Exploits1References2
Prion
Prion
added 2024/02/22 2:15 p.m.20 views

Cross site scripting

A cross-site scripting XSS vulnerability in the Header module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title text field...

6.1AI score0.00443EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/02/22 12:0 a.m.12 views

CVE-2024-25876

A cross-site scripting XSS vulnerability in the Header module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title text field...

5.9AI score0.00443EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/02/22 12:0 a.m.4 views

Enhavo CMS Security Vulnerability

Enhavo CMS is a content management system from Enhavo. A security vulnerability exists in Enhavo CMS version v0.13.1. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a specially crafted payload injected into the Undertitle text field...

6.1CVSS6.7AI score0.00424EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/02/22 12:0 a.m.22 views

CVE-2024-25875

A cross-site scripting XSS vulnerability in the Header module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Undertitle text field...

5.7AI score0.00424EPSS
Exploits1References2
CVE
CVE
added 2024/02/22 12:0 a.m.3793 views

CVE-2024-25875

CVE-2024-25875 is an XSS vulnerability in the Header module of Enhavo CMS v0.13.1, exploitable via crafted input in the Undertitle text field. Affected component: Undertitle handling in the Header module; root cause: insufficient input validation/escaping in Undertitle processing as described acr...

6.1CVSS5.6AI score0.00424EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2024/02/22 12:0 a.m.25 views

CVE-2024-25875

A cross-site scripting XSS vulnerability in the Header module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Undertitle text field...

5.7AI score0.00424EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/02/22 12:0 a.m.39 views

CVE-2024-25876

A cross-site scripting XSS vulnerability in the Header module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title text field...

5.7AI score0.00443EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/02/22 12:0 a.m.4 views

Enhavo CMS Security Vulnerability

Enhavo CMS is a content management system from Enhavo Inc. A security vulnerability exists in Enhavo CMS version v0.13.1, which stems from the presence of an HTML injection vulnerability that allows an attacker to execute arbitrary code via a specially crafted payload...

5.4CVSS7.8AI score0.00482EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/02/22 12:0 a.m.12 views

CVE-2024-25874

A cross-site scripting XSS vulnerability in the New/Edit Article module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Create Tag text field...

5.2AI score0.00397EPSS
Exploits1References2
Rows per page
Query Builder