Lucene search
K

859 matches found

ATTACKERKB
ATTACKERKB
added 2021/12/26 12:15 p.m.7 views

CVE-2021-4169

livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

6.1CVSS5.9AI score0.00948EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2021/12/24 8:15 p.m.3 views

CVE-2021-3977

invoiceninja is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

6.5CVSS6.4AI score0.00592EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2021/12/21 1:15 p.m.6 views

CVE-2021-4139

pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

9CVSS6.8AI score0.00877EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2021/12/17 1:15 p.m.6 views

CVE-2021-4132

livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

7.3CVSS6.6AI score0.00634EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2021/12/17 12:0 a.m.4 views

PT-2021-23274 · Unknown · Livehelperchat

Name of the Vulnerable Software and Affected Versions: livehelperchat affected versions not specified Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This means that the software does not properly neutralize use...

7.3CVSS6AI score0.00634EPSS
Exploits1References9
ATTACKERKB
ATTACKERKB
added 2021/12/16 2:15 p.m.8 views

CVE-2021-4124

janus-gateway is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

8.1CVSS6.8AI score0.00942EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2021/12/16 12:0 a.m.2 views

PT-2021-23206 · Unknown +2 · Janus-Gateway +2

Name of the Vulnerable Software and Affected Versions: janus-gateway affected versions not specified Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This means that the software fails to properly neutralize user...

8.8CVSS8.1AI score0.00942EPSS
Exploits2References18
ATTACKERKB
ATTACKERKB
added 2021/12/14 3:15 p.m.6 views

CVE-2021-4107

yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

6.1CVSS5.9AI score0.00782EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/10/27 12:0 a.m.5 views

Grav 跨站脚本漏洞

Grav is an extensible CMS Content Management System for personal blogs, small content publishing platforms, and one-page product presentations. A cross-site scripting vulnerability exists in grav, which stems from the vulnerability of grav to incorrect input neutralization "cross-site scripting"...

6.3CVSS5.9AI score0.00573EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2021/09/15 12:15 p.m.2 views

CVE-2021-3783

yourls is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

6.6CVSS6.6AI score0.00696EPSS
Exploits0References3
OSV
OSV
added 2021/08/04 7:15 p.m.4 views

CVE-2021-24014

Multiple instances of improper neutralization of input during web page generation vulnerabilities in FortiSandbox before 4.0.0 may allow an unauthenticated attacker to perform an XSS attack via specifically crafted request parameters...

6.1CVSS5.8AI score0.00614EPSS
Exploits0References1
ICS
ICS
added 2021/02/23 12:0 a.m.126 views

Advantech Spectre RT Industrial Routers

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: Spectre RT Industrial Routers Vulnerabilities: Improper Neutralization of Input During Web Page Generation, Cleartext Transmission of Sensitive Information, Improper...

9.8CVSS9.9AI score0.01484EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/02/04 12:0 a.m.29 views

Debian DLA-2545-1 : open-build-service security update

CVE-2020-8020 An improper neutralization of input during web page generation vulnerability in open-build-service allows remote attackers to store arbitrary JS code to cause XSS. CVE-2020-8021 An improper access control vulnerability in open-build-service allows remote attackers to read files of a...

6.5CVSS5.9AI score0.01267EPSS
Exploits1References5
OSV
OSV
added 2020/07/29 1:15 p.m.3 views

CVE-2020-14492

OpenClinic GA 5.09.02 and 5.89.05b does not properly neutralize user-controllable input, which may allow the execution of malicious code within the user’s browser...

6.1CVSS6.9AI score0.01216EPSS
Exploits0References1
Fortinet
Fortinet
added 2020/06/03 12:0 a.m.26 views

XSS vulnerability in the Description Area of the Admin Profile

An improper neutralization of input vulnerability in the Admin Profile of FortiAnalyzer may allow a remote authenticated attacker to perform a stored cross site scripting attack XSS via the Description Area...

3.5CVSS3.6AI score0.00857EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2020/03/24 12:0 a.m.1 views

Andover Continuum Cross-Site Scripting Vulnerability (CNVD-2020-19526)

Andover Continuum is a BACnet building management system from Schneider Electric. A cross-site scripting vulnerability exists in Andover Continuum. The vulnerability stems from improper neutralization of inputs during web page generation. An attacker could exploit this vulnerability to conduct a...

6.1CVSS6.2AI score0.00773EPSS
Exploits0References1
OSV
OSV
added 2020/03/13 4:15 p.m.4 views

CVE-2019-6699

An improper neutralization of input vulnerability in Fortinet FortiADC 5.3.3 and earlier may allow an attacker to execute a stored Cross Site Scripting XSS via a field in the traffic group interface...

5.4CVSS6.1AI score0.00545EPSS
Exploits0References1
OSV
OSV
added 2019/11/27 2:15 p.m.3 views

CVE-2019-13934

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webclient of Siemens AG Polarion could allow an attacker to exploit a reflected XSS vulnerability. This issue affects: Siemens AG Polarion All versions 19.2...

5.4CVSS6.1AI score0.00521EPSS
Exploits0References1
OSV
OSV
added 2019/05/01 7:29 p.m.5 views

CVE-2019-6562

In Philips Tasy EMR, Tasy EMR Versions 3.02.1744 and prior, the software incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users...

5.4CVSS6.1AI score0.00683EPSS
Exploits0References1
Rows per page
Query Builder