CVE-2025-48055 Combodo iTop has stored XSS in user portal's browse brick

Combodo iTop is a web based IT service management tool. In versions prior to 3.2.2, when displaying content in a browse brick in the user portal, a cross-site scripting attack can occur. This is fixed in versions 3.2.2 and 3.3.0...

CVE-2025-48055

The CVE-2025-48055 entry concerns Combodo iTop, a web-based IT service management tool. Concrete details across connected sources show a stored XSS vulnerability in the user portal’s browse brick, affecting versions prior to 3.2.2. The root cause is improper handling/display of content in the bro...

CVE-2024-35234

Discourse is an open-source discussion platform. Prior to version 3.2.3 on the stable branch and version 3.3.0.beta3 on the tests-passed branch, an attacker can execute arbitrary JavaScript on users’ browsers by posting a specific URL containing maliciously crafted meta tags. This issue only...

WordPress Elements kit Elementor addons Plugin <= 3.2.9 is vulnerable to Cross Site Scripting (XSS)

Software Elements kit Elementor addons Type Plugin Vulnerable versions = 3.2.9 Fixed in 3.3.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10091 Patch priority Low CVSS severity Low 6.5 Developer Wpmet PSID 3cb44087a1e4 Credits zer0gh0st Required...