19 matches found
EUVD-2022-2161
Malicious code in bioql PyPI...
CVE-2020-36396
A stored cross site scripting XSS vulnerability in the /admin/roles/role component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter...
CVE-2020-36397
A stored cross site scripting XSS vulnerability in the /admin/contact/contact component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter...
GHSA-VV33-27JM-CVXQ Stored XSS in LavaLite 5.8.0
A stored cross site scripting XSS vulnerability in the /admin/user/team component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter...
GHSA-6R6H-VHG7-53X7 Cross Site Scripting (XSS) in LavaLite 5.8.0
Cross Site Scripting XSS in LavaLite 5.8.0 via the Address field...
CVE-2020-36396
A stored cross site scripting XSS vulnerability in the /admin/roles/role component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter...
CVE-2020-36397
A stored cross site scripting XSS vulnerability in the /admin/contact/contact component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter...
CVE-2020-36396
A stored cross site scripting XSS vulnerability in the /admin/roles/role component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter...
CVE-2020-36395
A stored cross site scripting XSS vulnerability in the /admin/user/team component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter...
Cross site scripting
A stored cross site scripting XSS vulnerability in the /admin/user/team component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter...
Cross site scripting
A stored cross site scripting XSS vulnerability in the /admin/roles/role component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter...
Cross site scripting
A stored cross site scripting XSS vulnerability in the /admin/contact/contact component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter...
CVE-2020-36397
Summary of CVE-2020-36397 : A stored cross-site scripting (XSS) vulnerability exists in LavaLite 5.8.0, specifically in the /admin/contact/contact component. The issue allows authenticated attackers to inject arbitrary web scripts or HTML via a crafted payload entered into the “New” parameter. Th...
CVE-2020-36397
A stored cross site scripting XSS vulnerability in the /admin/contact/contact component of LavaLite 5.8.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "New" parameter...
CVE-2020-36396
The CVE refers to LavaLite 5.8.0, specifically a stored XSS in the /admin/roles/role component. An authenticated attacker can inject arbitrary web scripts/HTML via the New parameter, enabling script execution in the context of the logged-in user. The provided connected documents confirm the vulne...
CVE-2020-28124
Cross Site Scripting XSS in LavaLite 5.8.0 via the Address field...
Cross site scripting
Cross Site Scripting XSS in LavaLite 5.8.0 via the Address field...
CVE-2020-28124
CVE-2020-28124 describes a Cross-Site Scripting (XSS) vulnerability in LavaLite CMS 5.8.0 exploitable via the address field. The issue arises from insufficient input sanitization of the address field, enabling injected script content that could be reflected or stored depending on context (per sou...
CVE-2020-28124
Cross Site Scripting XSS in LavaLite 5.8.0 via the Address field...