Lucene search
K

5663 matches found

RedhatCVE
RedhatCVE
added 2026/05/15 7:57 p.m.14 views

CVE-2026-42897

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...

8.1CVSS6AI score0.0564EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/05/13 8:23 p.m.14 views

CVE-2026-41610

Improper neutralization of input during web page generation 'cross-site scripting' in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...

6.3CVSS5.8AI score0.00599EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 4:58 p.m.5 views

CVE-2026-41610

Improper neutralization of input during web page generation 'cross-site scripting' in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...

6.3CVSS5.8AI score0.00599EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/07 3:38 p.m.18 views

EUVD-2026-28369

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bricks Builder allows Reflected XSS. This issue affects Bricks Builder: from n/a through 1.9.2 to 2.2...

7.1CVSS5.8AI score0.00142EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/05/07 2:0 p.m.10 views

Azure Machine Learning Notebook Spoofing Vulnerability

Improper neutralization of input during web page generation 'cross-site scripting' in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network...

8.8CVSS5.8AI score0.00579EPSS
Exploits0
NVD
NVD
added 2026/05/07 1:16 p.m.10 views

CVE-2026-5784

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Stored XSS. This issue affects DivvyDrive: from 4.8.2.9 before 4.8.3.2...

8.8CVSS0.00327EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/07 12:54 p.m.8 views

CVE-2026-5784

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Stored XSS. This issue affects DivvyDrive: from 4.8.2.9 before 4.8.3.2...

8.8CVSS5.8AI score0.00327EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/07 12:31 p.m.12 views

EUVD-2026-28349

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Gosoft Software Industry and Trade Ltd. Co. Proticaret E-Commerce allows Cross-Site Scripting XSS, Reflected XSS. This issue affects Proticaret E-Commerce: from v5.0.0 before V 6.0.1767.1383...

8.8CVSS5.8AI score0.00339EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/07 7:54 a.m.8 views

CVE-2025-62127

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WEN Themes WEN Logo Slider allows DOM-Based XSS. This issue affects WEN Logo Slider: from n/a through 3.4.0...

5.9CVSS5.8AI score0.00136EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/07 7:31 a.m.7 views

CVE-2026-27421

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WProyal Royal Elementor Addons allows Stored XSS. This issue affects Royal Elementor Addons: from n/a before 1.7.1053...

6.5CVSS5.8AI score0.00176EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.14 views

PT-2026-38358

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WProyal Royal Elementor Addons allows Stored XSS. This issue affects Royal Elementor Addons: from n/a before 1.7.1053...

6.5CVSS5.8AI score0.00176EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.17 views

PT-2026-38436

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bricks Builder allows Reflected XSS. This issue affects Bricks Builder: from n/a through 1.9.2 to 2.2...

7.1CVSS5.8AI score0.00142EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/06 8:34 a.m.8 views

CVE-2026-42509 Apache Wicket: crafted strings can break out of the JavaScript sequence

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache Wicket. This issue affects Apache Wicket: from 8.0.0 through 8.17.0, 9.0.0, from 10.0.0 through 10.8.0. Users are recommended to upgrade to version 10.9.0, which fixes the issue...

5.8AI score0.00357EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/29 1:43 a.m.8 views

CVE-2026-28040

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Magepeople inc. Taxi Booking Manager for WooCommerce allows Stored XSS.This issue affects Taxi Booking Manager for WooCommerce: from n/a through 2.0.0...

6.5CVSS5.2AI score0.00165EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/29 1:39 a.m.3 views

CVE-2025-62110

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rescue Themes Rescue Shortcodes allows Stored XSS.This issue affects Rescue Shortcodes: from n/a through 3.3...

6.5CVSS5.2AI score0.00127EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/23 7:55 p.m.7 views

CVE-2025-58920

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zootemplate Cerato cerato allows Reflected XSS.This issue affects Cerato: from n/a through = 2.2.18...

7.1CVSS5.8AI score0.00196EPSS
Exploits0References1
CNVD
CNVD
added 2026/04/21 12:0 a.m.8 views

WordPress Plugin YouTube Showcase Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress plugin YouTube Showcase, which ste...

6.5CVSS5.5AI score0.00156EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/04/15 10:21 a.m.4 views

CVE-2026-40734

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zahlan Categories Images categories-images allows DOM-Based XSS.This issue affects Categories Images: from n/a through = 3.3.1...

5.8AI score0.00139EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.10 views

WordPress plugin YouTube Showcase 安全漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress plugin YouTube Showcase, which ste...

6.5CVSS5.5AI score0.00156EPSS
Exploits0References1
NVD
NVD
added 2026/04/14 6:17 p.m.5 views

CVE-2026-32196

Improper neutralization of input during web page generation 'cross-site scripting' in Windows Admin Center allows an unauthorized attacker to perform spoofing over a network...

6.1CVSS0.00293EPSS
Exploits0References1
Rows per page
Query Builder