Lucene search
K

5671 matches found

Microsoft CVE
Microsoft CVE
added 2026/06/18 2:0 p.m.9 views

Dynamics 365 Customer Voice Spoofing Vulnerability

Improper neutralization of input during web page generation 'cross-site scripting' in Dynamics 365 Customer Voice allows an unauthorized attacker to perform spoofing over a network...

9.3CVSS5.8AI score
Exploits0
EUVD
EUVD
added 2026/06/18 10:43 a.m.8 views

EUVD-2026-37873

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bricksable for Bricks Builder allows Stored XSS. This issue affects Bricksable for Bricks Builder: from n/a through 1.6.83...

5.9CVSS5.3AI score0.0014EPSS
Exploits0References1
CVE
CVE
added 2026/06/18 10:43 a.m.18 views

CVE-2026-56009

CVE-2026-56009 : Stored XSS in Bricksable for Bricks Builder plugin for WordPress, affected versions from n/a through 1.6.83. Root cause: Improper Neutralization of Input During Web Page Generation. CVSS 3.1 base score 5.9 (MEDIUM); attack vector NETWORK, complexity LOW, privileges required HIGH,...

5.9CVSS5.2AI score0.0014EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:19 p.m.5 views

CVE-2025-31013

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themify Folo allows Reflected XSS. This issue affects Themify Folo: from n/a through 1.9.6...

7.1CVSS0.00146EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 6:34 p.m.17 views

CVE-2026-12425

CVE-2026-12425 is a reflected/DOM-based XSS in PowerSchool Employee Access Center 23.10. The issue allows injection of JavaScript after the login URL that can be eval()’d in the user’s browser context, enabling an attacker to run code with the user’s privileges. The CVSS metrics indicate network ...

7.4CVSS5.5AI score0.00149EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/12 12:31 a.m.9 views

EUVD-2026-36361

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in iova.Mihai SliceWP allows Stored XSS. This issue affects SliceWP: from n/a through 1.2.6...

7.1CVSS5.4AI score0.00142EPSS
Exploits0References2
NVD
NVD
added 2026/06/11 10:16 p.m.14 views

CVE-2026-42653

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in iova.Mihai SliceWP allows Stored XSS. This issue affects SliceWP: from n/a through 1.2.6...

7.1CVSS0.00142EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:2 p.m.9 views

CVE-2026-45501

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...

6.5CVSS5.4AI score0.00308EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:1 p.m.9 views

CVE-2026-45481

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

7.3CVSS7AI score0.00687EPSS
Exploits0References1
NVD
NVD
added 2026/06/10 2:16 p.m.19 views

CVE-2026-49069

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPZOOM Portfolio allows Reflected XSS. This issue affects WPZOOM Portfolio: from n/a through 1.4.21...

7.1CVSS0.00342EPSS
Exploits2References1
EUVD
EUVD
added 2026/06/09 6:30 p.m.13 views

EUVD-2026-35511

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

4.6CVSS7.1AI score0.00505EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 5:17 p.m.16 views

CVE-2026-47638

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

5.4CVSS0.00505EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 5:17 p.m.9 views

CVE-2026-45479

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

5.4CVSS0.00505EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 5:17 p.m.9 views

CVE-2026-45468

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

5.4CVSS0.00505EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 5:17 p.m.12 views

CVE-2026-45465

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network...

5.4CVSS0.0051EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 5:17 p.m.13 views

CVE-2026-41098

Improper neutralization of input during web page generation 'cross-site scripting' in Azure Stack Edge allows an authorized attacker to perform spoofing over a network...

8.4CVSS0.00814EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 5:5 p.m.22 views

CVE-2026-45465

CVE-2026-45465 : The vulnerability affects Microsoft Office SharePoint Server and is due to improper neutralization of input during web page generation, resulting in a cross-site scripting (XSS) issue. An authorized attacker can perform network-based spoofing. According to the provided descriptio...

5.4CVSS6.6AI score0.0051EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/06/09 5:5 p.m.23 views

CVE-2026-45462

The CVE-2026-45462 entry describes an XSS vulnerability in Microsoft Office SharePoint where improper neutralization of input during web page generation can enable spoofing over a network. According to the connected records, impact is limited to spoofing with Confidentiality/Integrity/Availabilit...

5.4CVSS5.4AI score0.00505EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/06/09 5:5 p.m.33 views

CVE-2026-47639

CVE-2026-47639 affects Microsoft Office SharePoint Server. The description identifies an Improper neutralization of input during web page generation (XSS) that enables an authorized attacker to perform spoofing over a network. Connected sources corroborate an XSS payload risk in SharePoint, leadi...

5.4CVSS6.6AI score0.0051EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/06/09 5:4 p.m.42 views

CVE-2026-45500

CVE-2026-45500: A cross-site scripting issue in Microsoft Exchange Server arises from improper neutralization of input during web page generation. This vulnerability could enable an unauthorized attacker to perform spoofing over the network. Documents identify Microsoft Exchange Server as affecte...

6.1CVSS5.4AI score0.00375EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder