Lucene search
K

58 matches found

Exploit DB
Exploit DB
added 2021/05/05 12:0 a.m.163 views

Savsoft Quiz 5 - 'User Account Settings' Persistent Cross-Site Scripting

Exploit Title: Savsoft Quiz 5 - 'User Account Settings' Persistent Cross-Site Scripting Date: 2021-05-04 Exploit Author: strider Software Link: https://github.com/savsofts/savsoftquizv5 Vendor: https://savsoftquiz.com Version: 5.0 Tested on: Ubuntu 20.04 LTS / Kali Linux...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/04/30 12:0 a.m.30 views

EulerOS 2.0 SP3 : python-lxml (EulerOS-SA-2021-1839)

According to the versions of the python-lxml package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused differe...

6.1CVSS6.3AI score0.06333EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2021/03/24 12:0 a.m.34 views

EulerOS 2.0 SP5 : python-lxml (EulerOS-SA-2021-1701)

According to the version of the python-lxml package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different...

6.1CVSS7.2AI score0.03934EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.29 views

EulerOS Virtualization for ARM 64 3.0.2.0 : python-lxml (EulerOS-SA-2021-1402)

According to the version of the python-lxml package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browser...

6.1CVSS7.1AI score0.03934EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.24 views

EulerOS Virtualization 3.0.2.6 : python-lxml (EulerOS-SA-2021-1420)

According to the version of the python-lxml package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which...

6.1CVSS7.2AI score0.03934EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.38 views

EulerOS 2.0 SP8 : python-lxml (EulerOS-SA-2021-1166)

According to the version of the python-lxml packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different...

6.1CVSS7.2AI score0.03934EPSS
Exploits1References2
Mageia
Mageia
added 2021/01/17 4:7 p.m.50 views

Updated python-lxml packages fix a security vulnerability

A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code. CVE-2020-27783...

6.1CVSS4.3AI score0.03934EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2021/01/08 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for python-lxml (EulerOS-SA-2021-1035)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.7AI score0.03934EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2021/01/07 9:54 p.m.65 views

lxml vulnerable to Cross-site Scripting

A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code...

6.1CVSS6.4AI score0.03934EPSS
Exploits1References16Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/01/04 12:0 a.m.34 views

EulerOS 2.0 SP9 : python-lxml (EulerOS-SA-2021-1035)

According to the version of the python-lxml package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different...

6.1CVSS7.2AI score0.03934EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/01/04 12:0 a.m.24 views

EulerOS 2.0 SP9 : python-lxml (EulerOS-SA-2021-1016)

According to the version of the python-lxml package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different...

6.1CVSS7.2AI score0.03934EPSS
Exploits1References2
ArchLinux
ArchLinux
added 2020/12/05 12:0 a.m.185 views

[ASA-202012-1] python-lxml: cross-site scripting

Arch Linux Security Advisory ASA-202012-1 ========================================= Severity: Medium Date : 2020-12-05 CVE-ID : CVE-2020-27783 Package : python-lxml Type : cross-site scripting Remote : Yes Link : https://security.archlinux.org/AVG-1319 Summary ======= The package python-lxml befo...

6.1CVSS0.9AI score0.03934EPSS
Exploits1References3
OSV
OSV
added 2020/12/03 5:15 p.m.29 views

CVE-2020-27783

A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code...

6.1CVSS6AI score
Exploits0References8
AlpineLinux
AlpineLinux
added 2020/12/03 4:39 p.m.60 views

CVE-2020-27783

A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code...

6.1CVSS6.8AI score0.03934EPSS
Exploits1
Debian CVE
Debian CVE
added 2019/02/04 7:0 p.m.27 views

CVE-2019-7340

POST - Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filterQueryterms0val' parameter value in the view filter filter.php because proper filtration is omitted...

6.1CVSS2.1AI score0.00873EPSS
Exploits1
Hacker One
Hacker One
added 2017/10/26 12:18 p.m.32 views

IRCCloud: [IRCCloud Android] XSS in ImageViewerActivity

Hi, I'd like to report HTML/JS injection in activity com.irccloud.android.activity.ImageViewerActivity which is exported: xml so can be launched by arbitrary apps installed on the same device. On the newest Androids could be exploited also by Android Instant Apps directly from a web-browser...

7.3AI score
Exploits0
myhack58
myhack58
added 2017/04/28 12:0 a.m.49 views

The magic of Content-Type to: all versions of the IE browser there is a 0day vulnerability-vulnerability warning-the black bar safety net

We believe that this loophole one day in the future will certainly give you great help. Note that this vulnerability will affect all versions of IE in Win7, And Win8. 1 and Win10 on a test, but MicrosoftEdge not affected by this vulnerability. ! Vulnerability overview The server sends the respons...

0.5AI score
Exploits0
0day.today
0day.today
added 2016/09/13 12:0 a.m.68 views

Open-Xchange App Suite 7.8.2 - Cross Site Scripting

Exploit for cgi platform in category web applications Product: OX App Suite Vendor: OX Software GmbH Internal reference: 46484 Bug ID Vulnerability type: Cross Site Scripting CWE-80 Vulnerable version: 7.8.2 and earlier Vulnerable component: frontend Report confidence: Confirmed Solution status:...

4.3CVSS0.04274EPSS
Exploits4
Exploit DB
Exploit DB
added 2016/09/13 12:0 a.m.35 views

Open-Xchange App Suite 7.8.2 - Cross-Site Scripting

Product: OX App Suite Vendor: OX Software GmbH Internal reference: 46484 Bug ID Vulnerability type: Cross Site Scripting CWE-80 Vulnerable version: 7.8.2 and earlier Vulnerable component: frontend Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 7.6.2-rev46, 7.6.3-rev1...

6.1CVSS6.3AI score0.04274EPSS
Exploits4
Packet Storm
Packet Storm
added 2016/09/13 12:0 a.m.43 views

Open-Xchange App Suite 7.8.2 Cross Site Scripting

Product: OX App Suite Vendor: OX Software GmbH Internal reference: 46484 Bug ID Vulnerability type: Cross Site Scripting CWE-80 Vulnerable version: 7.8.2 and earlier Vulnerable component: frontend Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 7.6.2-rev46, 7.6.3-rev1...

6.3AI score0.04274EPSS
Exploits4
Rows per page
Query Builder