3 matches found
CVE-2024-43005
CVE-2024-43005 describes a reflected XSS in ZZCMS v2023, specifically in the dl_liuyan_save.php component, enabling attackers to run arbitrary scripts in a user’s browser by injecting crafted payloads. Concretely, multiple sources confirm the vulnerability in the ZZCMS 2023 payload handling path....
CVE-2023-40984
A reflected cross-site scripting XSS vulnerability in the File Manager function of Webmin v2.100 allows attackers to execute malicious scripts via injecting a crafted payload into the Replace in Results file...
CVE-2023-34637
A stored cross-site scripting XSS vulnerability in IsarNet AG IsarFlow v5.23 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the dashboard title parameter in the IsarFlow Portal...