Lucene search
+L

859 matches found

NVD
NVD
added 2026/03/09 6:16 p.m.7 views

CVE-2025-70038

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in linagora Twake v2023.Q1.1223. This allows attackers to execute arbitrary code...

8.8CVSS0.00343EPSS
Exploits0References3
NVD
NVD
added 2026/03/09 6:16 p.m.6 views

CVE-2025-70033

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4...

5.4CVSS0.00235EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/09 12:0 a.m.5 views

CVE-2025-70060

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in YMFE yapi v1.12.0...

5.8AI score0.00191EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/09 12:0 a.m.5 views

CVE-2025-70060

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in YMFE yapi v1.12.0...

5.4CVSS5.8AI score0.00191EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/09 12:0 a.m.2 views

CVE-2025-70033

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4...

5.4CVSS5.8AI score0.00235EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/09 12:0 a.m.30 views

CVE-2025-70038

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in linagora Twake v2023.Q1.1223. This allows attackers to execute arbitrary code...

0.00343EPSS
Exploits0References3
OSV
OSV
added 2026/03/09 12:0 a.m.5 views

CVE-2025-70033

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4...

5.4CVSS5.8AI score0.00235EPSS
Exploits0References5
OSV
OSV
added 2026/03/09 12:0 a.m.6 views

CVE-2025-70060

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in YMFE yapi v1.12.0...

5.4CVSS5.8AI score0.00191EPSS
Exploits0References5
NVD
NVD
added 2026/03/05 6:16 a.m.12 views

CVE-2026-28103

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup LBG Zoominoutslider lbgzoominoutslider allows Reflected XSS.This issue affects LBG Zoominoutslider: from n/a through = 5.4.5...

7.1CVSS0.0018EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/05 5:54 a.m.7 views

CVE-2026-28122

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CridioStudio ListingPro listingpro-plugin allows Reflected XSS.This issue affects ListingPro: from n/a through = 2.9.8...

5.9AI score0.00146EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/05 5:53 a.m.3 views

CVE-2026-27352

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Starto allows Reflected XSS.This issue affects Starto: from n/a before 2.2.5...

7.1CVSS5.9AI score0.00191EPSS
Exploits0References3
CVE
CVE
added 2026/03/05 5:53 a.m.13 views

CVE-2026-22438

The CVE CVE-2026-22438 describes a reflected Cross‑Site Scripting vulnerability in the WordPress TheBi theme, affecting versions through 1.0.5. The issue arises from improper input neutralization during web page generation, enabling an attacker to craft a URL that, when visited by a user, execute...

7.1CVSS5.9AI score0.00237EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.9 views

PT-2026-23376

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup UberSlider MouseInteraction uberSlider mouseinteraction allows Reflected XSS.This issue affects UberSlider MouseInteraction: from n/a through = 2.3...

5.9AI score0.0018EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/26 12:6 p.m.6 views

CVE-2025-14343 Reflected XSS in Dokuzsoft Technology's E-Commerce Product

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Dokuzsoft Technology Ltd. E-Commerce Product allows Reflected XSS. This issue affects E-Commerce Product: through 10122025...

7.6CVSS5.8AI score0.00185EPSS
Exploits0References2
NVD
NVD
added 2026/02/26 11:16 a.m.20 views

CVE-2025-64999

Improper neutralization of input in Checkmk versions 2.4.0 before 2.4.0p22, and 2.3.0 before 2.3.0p43 allows an attacker that can manipulate a host's check output to inject malicious JavaScript into the Synthetic Monitoring HTML logs, which can then be accessed via a crafted phishing link...

7.3CVSS0.00141EPSS
Exploits1References2
OSV
OSV
added 2026/02/26 10:26 a.m.9 views

CVE-2025-64999 Cross-site scripting in HTML logs of Synthetic Monitoring test services

Improper neutralization of input in Checkmk versions 2.4.0 before 2.4.0p22, and 2.3.0 before 2.3.0p43 allows an attacker that can manipulate a host's check output to inject malicious JavaScript into the Synthetic Monitoring HTML logs, which can then be accessed via a crafted phishing link...

7.3CVSS5.9AI score0.00141EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/02/21 7:29 p.m.5 views

CVE-2026-22357

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spencer Haws Link Whisper Free link-whisper allows Reflected XSS.This issue affects Link Whisper Free: from n/a through = 0.9.2...

7.1CVSS5.9AI score0.0018EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 4:22 p.m.6 views

CVE-2024-56208

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in desertthemes NewsMash newsmash allows Stored XSS.This issue affects NewsMash: from n/a through = 1.0.71...

6.5CVSS0.00215EPSS
Exploits0References1
CVE
CVE
added 2026/02/20 3:46 p.m.8 views

CVE-2025-69296

CVE-2025-69296 is a Reflected Cross-Site Scripting (XSS) vulnerability in the WordPress theme Aardvark (GhostPool Aardvark aardvark), affecting versions up to and including 4.6.3 . The root cause is improper input neutralization during web page generation, enabling an attacker to inject arbitrary...

7.1CVSS5.5AI score0.0023EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/20 12:0 a.m.8 views

PT-2026-21045

Name of the Vulnerable Software and Affected Versions FluentCart versions prior to 1.3.0 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Reflected Cross-Site Scripting XSS condition. This allows an attacker to inject...

5.4AI score0.0023EPSS
Exploits0References3
Rows per page
Query Builder