CVE-2024-28277

CVE-2024-28277 affects Sourcecodester School Task Manager v1.0. The vulnerability is a Stored Cross-Site Scripting (XSS) in the subject_name/subject name parameter, allowing an attacker to manipulate the subject’s name and potentially execute malicious JavaScript payloads. Root cause is unvalidat...

CVE-2024-0010

CVE-2024-0010 : A reflected cross-site scripting (XSS) vulnerability in the PAN-OS GlobalProtect portal could allow an attacker to execute malicious JavaScript in a user’s browser after clicking a crafted link, enabling phishing and potential credential theft. Affected PAN-OS versions (per connec...

CVE-2022-44575

A vulnerability has been identified in PLM Help Server V4.2 All versions. A reflected cross-site scripting XSS vulnerability exists in the web interface of the affected application that could allow an attacker to execute malicious javascript code by tricking users into accessing a malicious link...

phpMyAdmin cross-site scripting vulnerability (CNVD-2021-45285)

phpMyAdmin is a PHP written, Web-based MySQL and MariaDB open source management tools. A cross-site scripting vulnerability exists in the conversion function in phpMyAdmin. An attacker can exploit this vulnerability to execute malicious JavaScript via a specially crafted link...

Cross-Site Scripting in bootstrap-vue

Versions of bootstrap-vue prior to 2.0.0-rc.12 are vulnerable to Cross-Site Scripting. Due to insufficient input sanitization, components may be vulnerable to Cross-Site Scripting through the options variable. This may lead to the execution of malicious JavaScript on the user's browser...