23 matches found
EUVD-2006-1761
Malware in sbrugna...
EUVD-2022-2020
Malicious code in bioql PyPI...
CVE-2025-6700
A vulnerability classified as problematic was found in Xuxueli xxl-sso 1.1.0. This vulnerability affects unknown code of the file /xxl-sso-server/login. The manipulation of the argument errorMsg leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to...
CVE-2025-6700 Xuxueli xxl-sso login cross site scripting
A vulnerability classified as problematic was found in Xuxueli xxl-sso 1.1.0. This vulnerability affects unknown code of the file /xxl-sso-server/login. The manipulation of the argument errorMsg leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to...
PT-2025-26989 · Xuxueli · Xuxueli Xxl-Sso
Name of the Vulnerable Software and Affected Versions: Xuxueli xxl-sso version 1.1.0 Description: A problematic issue was found in the software, affecting the /xxl-sso-server/login file. The manipulation of the errorMsg argument leads to cross-site scripting. The attack can be initiated remotely...
CVE-2022-40879
kkFileView v4.1.0 is vulnerable to Cross Site Scripting (XSS) via the parameter 'errorMsg.'...
Improper Input Validation
github.com/rancher/rancher is vulnerable to Improper Input Validation. The vulnerability is due to the tampering of the errorMsg parameter, allowing for the display of arbitrary content, filtering tags but not special characters or symbols. This can lead to malicious users to lure legitimate user...
CVE-2022-40879
kkFileView v4.1.0 is vulnerable to Cross Site Scripting (XSS) via the parameter 'errorMsg.'...
CVE-2022-40879
kkFileView v4.1.0 is vulnerable to Cross Site Scripting (XSS) via the parameter 'errorMsg.'...
Cross site scripting
kkFileView v4.1.0 is vulnerable to Cross Site Scripting (XSS) via the parameter 'errorMsg.'...
CVE-2022-40879
kkFileView v4.1.0 is vulnerable to Cross Site Scripting (XSS) via the parameter 'errorMsg.'...
PT-2022-25603 · Unknown · Kkfileview
Name of the Vulnerable Software and Affected Versions: kkFileView version 4.1.0 Description: The issue concerns a Cross Site Scripting (XSS) problem. It can be exploited via the errorMsg parameter. Recommendations: For kkFileView version 4.1.0, consider restricting the use of the errorMsg parameter...
amokabel.no Cross Site Scripting vulnerability OBB-1261470
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
CVE-2019-11881
A vulnerability exists in Rancher before 2.2.4 in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols. There's no other limitation of the message, allowing malicious users to lure legitimate users to...
CVE-2019-11881
Summary: CVE-2019-11881 affects Rancher server versions prior to 2.2.4, in the login component. The vulnerability arises from tampering with the “errorMsg” parameter, which can display arbitrary content after filtering tags but not special characters, enabling attackers to lure users to phishing ...
CVE-2017-15009
PRTG Network Monitor version 17.3.33.2830 is vulnerable to reflected Cross-Site Scripting on error.htm (the error page), via the errormsg parameter...
CVE-2017-15009
PRTG Network Monitor version 17.3.33.2830 is vulnerable to reflected Cross-Site Scripting on error.htm (the error page), via the errormsg parameter...
CVE-2013-3589
Cross-site scripting (XSS) vulnerability in the login page in the Administrative Web Interface on Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before 1.46.45 allows remote attackers to inject arbitrary web script or HTML via the ErrorMsg parameter...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the login page in the Administrative Web Interface on Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before 1.46.45 allows remote attackers to inject arbitrary web script or HTML via the ErrorMsg parameter...
CVE-2013-3589
Cross-site scripting (XSS) vulnerability in the login page in the Administrative Web Interface on Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before 1.46.45 allows remote attackers to inject arbitrary web script or HTML via the ErrorMsg parameter...