Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Snyk
Snykadded 2024/10/07 2:55 p.m.1 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS due to invalid values that contain a specific set of characters. Note: This is only vulnerable if a user opens a page on which a paragraph widget is rendered. Details Cross-site scripting or XSS is a code...

6.1CVSS5.2AI score0.00141EPSS
Exploits0References2
Cvelist
Cvelistadded 2024/05/01 5:39 a.m.14 views

CVE-2024-32966 Stored Cross-site Scripting in directory listings via file names in static-web-server

Static Web Server SWS is a tiny and fast production-ready web server suitable to serve static web files or assets. In affected versions if directory listings are enabled for a directory that an untrusted user has upload privileges for, a malicious file name like .txt will allow JavaScript code...

5.8CVSS6AI score0.00046EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/01/30 5:21 p.m.4 views

CVE-2024-24556 XSS in @urql/next

urql is a GraphQL client that exposes a set of helpers for several frameworks. The @urql/next package is vulnerable to XSS. To exploit this an attacker would need to ensure that the response returns html tags and that the web-application is using streamed responses non-RSC. This vulnerability is...

7.2CVSS7.1AI score0.00473EPSS
Exploits0References2
AlpineLinux
AlpineLinuxadded 2023/09/05 9:9 p.m.28 views

CVE-2023-39516

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability which allows an authenticated user to poison data stored in the cacti's database. These data will be viewed by administrative cacti...

6.1CVSS6.8AI score0.00324EPSS
Exploits1References6
Github Security Blog
Github Security Blogadded 2021/11/16 5:4 p.m.41 views

Cross-site scripting (XSS) from image block content in the site frontend

Impact Kirby's blocks field stores structured data for each block. This data is then used in block snippets to convert the blocks to HTML for use in your templates. We recommend to escape HTML special characters against cross-site scripting XSS attacks. Cross-site scripting XSS is a type of...

7.3CVSS0.00914EPSS
Exploits0References5Affected Software1
OPENSUSE Linux
OPENSUSE Linuxadded 2018/08/13 3:8 p.m.68 views

Security update for mailman (moderate)

This update for mailman fixes the following issues: Security issue fixed: - CVE-2018-13796: Fix a content spoofing vulnerability with invalid list name messages inside the web UI boo1101288. Bug fixes: - update to 2.1.29: Fixed the listinfo and admin overview pages that were broken - update to...

6.7AI score0.00725EPSS
Exploits0References1
Rows per page
Query Builder