Lucene search
K

5666 matches found

Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.22 views

PT-2026-47955

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

4.6CVSS7.1AI score0.00505EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.18 views

PT-2026-48101

Name of the Vulnerable Software and Affected Versions Microsoft Office SharePoint affected versions not specified Description Improper neutralization of input during web page generation leads to cross-site scripting, which allows an authorized attacker to perform spoofing over a network. Cross-si...

4.6CVSS6.8AI score0.00505EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.16 views

PT-2026-48035

Name of the Vulnerable Software and Affected Versions Microsoft Office SharePoint affected versions not specified Description Improper neutralization of input during web page generation leads to cross-site scripting, which allows an authorized attacker to perform spoofing over a network. Cross-si...

5.4CVSS6.8AI score0.0051EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.13 views

PT-2026-48029

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...

8.1CVSS5.4AI score0.00353EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.12 views

PT-2026-47951

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

5.4CVSS7.1AI score0.0051EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:43 p.m.10 views

CVE-2026-8493

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Colorbox Inline allows Cross-Site Scripting XSS. This issue affects Colorbox Inline: from 0.0.0 before 2.1.1...

5.4CVSS5.4AI score0.00177EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.14 views

CVE-2025-14773

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...

8CVSS5.4AI score0.00181EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.10 views

CVE-2026-39840

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows XSS Targeting Non-Script Elements.This issue affects Mediawiki - Cargo Extension: before 3.8.7...

6.1CVSS5.4AI score0.00158EPSS
Exploits1References1
NVD
NVD
added 2026/06/03 11:16 a.m.16 views

CVE-2025-14773

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...

8CVSS0.00181EPSS
Exploits0References1
Veracode
Veracode
added 2026/06/03 9:56 a.m.12 views

Cross-Site Scripting (XSS)

drupal/googletag is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper neutralization of user-supplied input during web page generation, which allows an attacker to inject and execute malicious scripts in a victim's browser through crafted input...

4.8CVSS5.5AI score0.00218EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/02 10:43 a.m.10 views

EUVD-2026-33910

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ahmad WP Job Portal allows Reflected XSS. This issue affects WP Job Portal: from n/a through 2.5.1...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/02 9:40 a.m.11 views

EUVD-2025-210033

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in UnboundStudio Accordion FAQ allows Reflected XSS. This issue affects Accordion FAQ: from n/a through 2.2.1...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/02 9:40 a.m.11 views

CVE-2025-52759

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in UnboundStudio Accordion FAQ allows Reflected XSS. This issue affects Accordion FAQ: from n/a through 2.2.1...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/01 2:44 p.m.11 views

CVE-2026-42683 WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS allows DOM-Based XSS. This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.8.8...

7.1CVSS5.8AI score0.00142EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/01 2:44 p.m.13 views

EUVD-2026-33653

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS allows DOM-Based XSS. This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.8.8...

7.1CVSS5.8AI score0.00142EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/01 7:23 a.m.13 views

CVE-2026-42253

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. The MessageServlet in the ActiveMQ web console API copies every JMS message property into an HTTP response header without any validation. This can allow...

6.1CVSS5.8AI score0.01107EPSS
Exploits1
EUVD
EUVD
added 2026/05/28 7:40 p.m.14 views

EUVD-2026-33012

Improper Neutralization of Input During Web Page Generation CWE-79 in Kibana can lead to stored HTML injection. A user with write access to an Elasticsearch index could persist crafted markup which, when subsequently rendered through an affected Kibana view by another user, was not sufficiently...

4.1CVSS5.8AI score0.00141EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 11:16 a.m.21 views

CVE-2026-42750

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nexcess WPComplete wpcomplete allows Stored XSS.This issue affects WPComplete: from n/a through = 2.9.5.4...

6.5CVSS0.0013EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 11:16 a.m.22 views

CVE-2026-42751

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpdevelop Booking Manager booking-manager allows Stored XSS.This issue affects Booking Manager: from n/a through = 2.1.18...

6.5CVSS0.0013EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 9:49 a.m.9 views

CVE-2026-42739

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in IniLerm Advanced IP Blocker advanced-ip-blocker allows DOM-Based XSS.This issue affects Advanced IP Blocker: from n/a through = 8.10.7...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References2
Rows per page
Query Builder