CVE-2025-40598

A Reflected cross-site scripting XSS vulnerability exists in the SMA100 series web interface, allowing a remote unauthenticated attacker to potentially execute arbitrary JavaScript code...

CVE-2023-50717 NocoDB Allows Preview of File with Dangerous Content

NocoDB is software for building databases as spreadsheets. Starting in verson 0.202.6 and prior to version 0.202.10, an attacker can upload a html file with malicious content. If user tries to open that file in browser malicious scripts can be executed leading stored cross-site scripting attack...

Multiple Siemens products open to redirection vulnerabilities

Siemens Desigo PX is a building automation control system from Siemens Germany. Several Siemens products have an open redirection vulnerability, which stems from the fact that the device's embedded browser does not prevent interaction with an alternate URI scheme when the Web application code...

Google Chrome < 59.0.3071.86 Multiple Vulnerabilities

Binary data 700131.pasl...

XSS vulnerability on password reset page

Impact For Mautic versions prior to 3.3.4, there is an XSS vulnerability on Mautic's password reset page where a vulnerable parameter, "bundle," in the URL could allow an attacker to execute Javascript code. The attacker would be required to convince or trick the target into clicking a password...