CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Chat activity in Moodle 4.3.3 allows students to insert a potentially unwanted HTML A element or IMG element, or HTML content that leads to a performance degradation. NOTE: the vendor's UsingChat page says "If you know some HTML code, you can use it in your text to do things like insert image...

5.4CVSS6.7AI score0.00142EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 5:22 a.m.•1 views

SUSE CVE-2015-0810

Mozilla Firefox before 37.0 on OS X does not ensure that the cursor is visible, which allows remote attackers to conduct clickjacking attacks via a Flash object in conjunction with DIV elements associated with layered presentation, and crafted JavaScript code that interacts with an IMG element...

4.3CVSS8.6AI score0.00396EPSS

Exploits0References3

NVD•added 2022/12/26 2:15 a.m.•9 views

CVE-2022-37307

OX App Suite through 7.10.6 allows XSS via XHTML CDATA for a snippet, as demonstrated by the onerror attribute of an IMG element within an e-mail signature...

6.1CVSS0.01122EPSS

Exploits2References2

Prion•added 2022/12/26 2:15 a.m.•14 views

Cross site scripting

OX App Suite through 7.10.6 allows XSS via XHTML CDATA for a snippet, as demonstrated by the onerror attribute of an IMG element within an e-mail signature...

5.8CVSS6AI score0.01122EPSS

Exploits2References2Affected Software1

CNVD•added 2022/10/14 12:0 a.m.•21 views

Zimbra Collaboration Suite Cross-Site Scripting Vulnerability

Synacor Zimbra Collaboration Suite ZCS is an open source collaboration suite from Synacor, USA. The product includes WebMail, Calendar, Address Book and more. A cross-site scripting vulnerability exists in Zimbra Collaboration Suite version 9.0.0, which stems from the lack of effective filtering...

6.1CVSS6.2AI score0.01073EPSS

Exploits0References1

Tenable Nessus•added 2022/10/13 12:0 a.m.•144 views

Zimbra Collaboration Server 9.0.0 < 9.0.0 Patch 27 Multiple Vulnerabilities

According to its self-reported version number, Zimbra Collaboration Server is affected by a multiple vulnerabilities: including the following: - An attacker can upload arbitrary files through amavisd via a cpio loophole that can lead to incorrect access to any other user accounts. CVE-2022-41352 ...

9.8CVSS8.3AI score0.93958EPSS

Exploits11References6

NVD•added 2022/10/12 8:15 p.m.•12 views

CVE-2022-41348

An issue was discovered in Zimbra Collaboration ZCS 9.0. XSS can occur via the onerror attribute of an IMG element, leading to information disclosure...

6.1CVSS0.01073EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by