6 matches found
CVE-2024-25708
There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Web App Builder versions 10.9.1 and below that may allow a remote, authenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s...
Cross site scripting
There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.8.1 – 11.1 that may allow a remote, authenticated attacker to create a crafted link that is stored in the site configuration which when clicked could potentially execute arbitrary JavaScrip...
U.S. Dept Of Defense: Reflected XSS at https://██████/██████ via "██████" parameter
There is a Reflected Cross-site scripting issue at the following URL: https://██████████/██████ Proof Of Concept https://████████/█████████████████=%22%3E%3Csvg/onload=alert1%3E█████████ █████ Best Regards @pelegn Impact Cookies Exfiltration SOAP Bypass CORS Bypass Executing JavaScript on the victi...
U.S. Dept Of Defense: Reflected XSS at https://█████████ via "███" parameter
Description: There is a Reflected Cross-site scripting issue at the following URL: https://█████████ Proof Of Concept https://███████?████████=%22%3E%3Cimg%20src=x%20onerror=alertdocument.domain%3E █████ Best Regards @pelegn Impact Cookies Exfiltration SOAP Bypass CORS Bypass Executing JavaScript o...
U.S. Dept Of Defense: Reflected XSS through clickjacking at https://████
Description: I'm able to control the URL being inserted into the query line at https://█████/████&url=http%3a%2f%2fgalnagli.com%2f%3Cimg+src%3dx+onerror%3dalert%28document.domain%29%3E The server issues a request (there is also SSRF here, I'll report later) to the domain specified, and it renders th...
CVE-2017-15215
Reflected XSS vulnerability in Shaarli v0.9.1 allows an unauthenticated attacker to inject JavaScript via the searchtags parameter to index.php. If the victim is an administrator, an attacker can, for example, take over the admin session or change global settings or add/delete links. It is also...