CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Veracode•added 2023/12/13 2:12 p.m.•13 views

Cross-site Scripting (XSS)

com.jfinal, jfinal is vulnerable to Cross Site Scripting. The vulnerability exists due to improper validation or sanitization of user inputs which allows attackers to inject malicious JS payloads into the system...

5.4CVSS6.7AI score0.00098EPSS

Exploits0References2Affected Software1

OSV•added 2021/05/17 9:1 p.m.•21 views

GHSA-JQH7-W5PR-CR56 Cross-site scripting in @shopify/koa-shopify-auth

A cross-site scripting vulnerability exists in koa-shopify-auth v3.1.61-v3.1.62 that allows an attacker to inject JS payloads into the shop parameter on the /shopify/auth/enablecookies endpoint...

6.1CVSS5.8AI score0.00187EPSS

Exploits1References3

Github Security Blog•added 2021/05/17 9:1 p.m.•63 views

Cross-site scripting in @shopify/koa-shopify-auth

A cross-site scripting vulnerability exists in koa-shopify-auth v3.1.61-v3.1.62 that allows an attacker to inject JS payloads into the shop parameter on the /shopify/auth/enablecookies endpoint...

6.1CVSS5.6AI score0.00187EPSS

Exploits1References4Affected Software1

OSV•added 2020/07/02 7:15 p.m.•11 views

CVE-2020-8176

A cross-site scripting vulnerability exists in koa-shopify-auth v3.1.61-v3.1.62 that allows an attacker to inject JS payloads into the shop parameter on the /shopify/auth/enablecookies endpoint...

6.1CVSS6AI score

Exploits0References2

Cvelist•added 2020/07/02 6:35 p.m.•13 views

CVE-2020-8176

A cross-site scripting vulnerability exists in koa-shopify-auth v3.1.61-v3.1.62 that allows an attacker to inject JS payloads into the shop parameter on the /shopify/auth/enablecookies endpoint...

5.9AI score0.00187EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by