Lucene search
K

857 matches found

Vulnrichment
Vulnrichment
added 2026/04/07 9:51 p.m.3 views

CVE-2026-39933 Multiple XSS vulnerabilities in GlobalWatchlist

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - GlobalWatchlist Extension allows Cross-Site Scripting XSS. The issue has been remediated on the master branch, and in the release branches for MediaWiki version...

6.9CVSS5.8AI score0.00335EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/26 3:17 p.m.6 views

CVE-2026-32454

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeFusion Avada Core fusion-core allows DOM-Based XSS.This issue affects Avada Core: from n/a through 5.15.0...

6.5CVSS5.8AI score0.00129EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:16 p.m.4 views

CVE-2026-31918

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in immonex immonex Kickstart immonex-kickstart allows Stored XSS.This issue affects immonex Kickstart: from n/a through = 1.13.0...

6.5CVSS5.8AI score0.00161EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:4 p.m.4 views

CVE-2026-25369

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in flexmls Flexmls® IDX flexmls-idx allows Reflected XSS.This issue affects Flexmls® IDX: from n/a through = 3.15.9...

7.1CVSS5.9AI score0.00149EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/25 6:31 p.m.5 views

EUVD-2026-15771

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Soledad Data Migrator penci-data-migrator allows Reflected XSS.This issue affects Penci Soledad Data Migrator: from n/a through = 1.3.1...

7.1CVSS5.8AI score0.00175EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 5:17 p.m.6 views

CVE-2026-32517

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kleor Contact Manager contact-manager allows Reflected XSS.This issue affects Contact Manager: from n/a through = 9.1...

7.1CVSS0.00175EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 5:17 p.m.3 views

CVE-2026-32518

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in imithemes Gaea gaea allows Reflected XSS.This issue affects Gaea: from n/a through 3.8...

7.1CVSS0.00175EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 4:16 p.m.5 views

CVE-2026-2349

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal UI Icons allows Cross-Site Scripting XSS.This issue affects UI Icons: from 0.0.0 before 1.0.1, from 1.1.0 before 1.1.1...

6.1CVSS0.00149EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 4:14 p.m.2 views

CVE-2026-25352 WordPress MyDecor theme < 1.5.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in skygroup MyDecor mydecor allows Reflected XSS.This issue affects MyDecor: from n/a through 1.5.9...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.7 views

PT-2026-27868

Name of the Vulnerable Software and Affected Versions NooTheme Organici Library versions n/a through 2.1.2 Description The software contains a flaw due to improper handling of input during the creation of web pages, leading to a 'cross-site scripting' issue. This allows for reflected cross-site...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.7 views

PT-2026-27971

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Soledad Data Migrator penci-data-migrator allows Reflected XSS.This issue affects Penci Soledad Data Migrator: from n/a through = 1.3.1...

5.8AI score0.00175EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.9 views

PT-2026-28035

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Northern Beaches Websites WP Custom Admin Interface wp-custom-admin-interface allows DOM-Based XSS.This issue affects WP Custom Admin Interface: from n/a through = 7.42...

5.8AI score0.00161EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/13 6:30 p.m.3 views

CVE-2025-12454

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in OpenText™ Vertica allows Reflected XSS. The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console application.This issue affects Vertica: from 10.0...

5.1CVSS5.6AI score0.00181EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/03/10 6:18 p.m.2 views

CVE-2026-26105

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network...

9.3CVSS0.01262EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/10 2:12 a.m.5 views

CVE-2025-70033

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4...

5.4CVSS5.8AI score0.00235EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/10 12:0 a.m.29 views

CVE-2025-70025

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in benkeen generatedata 4.0.14...

0.00311EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/09 6:31 p.m.4 views

EUVD-2025-208439

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in linagora Twake v2023.Q1.1223. This allows attackers to execute arbitrary code...

6AI score0.00343EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/09 6:31 p.m.5 views

EUVD-2025-208429

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in YMFE yapi v1.12.0...

5.4CVSS5.8AI score0.00191EPSS
Exploits0References4
NVD
NVD
added 2026/03/09 6:16 p.m.6 views

CVE-2025-70038

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in linagora Twake v2023.Q1.1223. This allows attackers to execute arbitrary code...

8.8CVSS0.00343EPSS
Exploits0References3
NVD
NVD
added 2026/03/09 6:16 p.m.5 views

CVE-2025-70033

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4...

5.4CVSS0.00235EPSS
Exploits0References3
Rows per page
Query Builder