CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2167 matches found

Veracode•added 2023/07/19 4:2 a.m.•18 views

Cross-site Scripting (XSS)

clevertap-cordova is vulnerable to Cross-site Scripting XSS. The vulnerability exists because the library does not properly validate the data from the deep links, allowing an attacker to inject and execute malicious javascript...

9.3CVSS6.6AI score0.00112EPSS

Exploits1References3Affected Software1

Veracode•added 2023/07/18 1:51 p.m.•19 views

Cross-Site Scripting (XSS)

webmention.js is vulnerable to Cross-Site Scripting XSS attacks. The vulnerability is due to improper sanitization of the comments parameter in the formatComments function, allowing an attacker to inject and execute malicious JavaScript in a victim's browser...

6.1CVSS6AI score0.00088EPSS

Exploits1References4Affected Software1

ATTACKERKB•added 2023/07/13 3:15 p.m.•1 views

CVE-2023-31705

A Reflected Cross-site scripting XSS vulnerability in Sourcecodester Task Reminder System 1.0 allows an authenticated user to inject malicious javascript into the page parameter...

5.4CVSS5.7AI score0.00251EPSS

Exploits0References3

NVD•added 2023/07/13 3:15 p.m.•12 views

CVE-2023-31705

A Reflected Cross-site scripting XSS vulnerability in Sourcecodester Task Reminder System 1.0 allows an authenticated user to inject malicious javascript into the page parameter...

5.4CVSS0.00251EPSS

Exploits0References2

Prion•added 2023/07/13 3:15 p.m.•20 views

Cross site scripting

A Reflected Cross-site scripting XSS vulnerability in Sourcecodester Task Reminder System 1.0 allows an authenticated user to inject malicious javascript into the page parameter...

4.9CVSS5.2AI score0.00251EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/07/13 12:0 a.m.•14 views

CVE-2023-31705

A Reflected Cross-site scripting XSS vulnerability in Sourcecodester Task Reminder System 1.0 allows an authenticated user to inject malicious javascript into the page parameter...

5.5AI score0.00251EPSS

Exploits0References2

Veracode•added 2023/07/12 9:34 a.m.•14 views

Cross-Site Scripting (XSS)

github.com/mlogclub/bbs-go is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly escape the special characters before it output to the front end, allowing an attacker to inject and execute malicious javascript on victim's browser via a crafted payload to the comment...

5.4CVSS6AI score0.00274EPSS

Exploits1References6Affected Software1

CNVD•added 2023/07/12 12:0 a.m.•28 views

Siemens RUGGEDCOM ROX cross-site scripting vulnerability (CNVD-2023-55710)

RUGGEDCOM products offer a degree of robustness and reliability that sets the standard for communication networks deployed in harsh environments. A cross-site scripting vulnerability exists in Siemens RUGGEDCOM ROX, which can be exploited by attackers to execute malicious javascript code by...

8.8CVSS6.4AI score0.00591EPSS

Exploits0References1

OSV•added 2023/07/11 10:15 a.m.•0 views

CVE-2023-36389

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.0, RUGGEDCOM ROX MX5000RE All versions V2.16.0, RUGGEDCOM ROX RX1400 All versions V2.16.0, RUGGEDCOM ROX RX1500 All versions V2.16.0, RUGGEDCOM ROX RX1501 All versions V2.16.0, RUGGEDCOM ROX RX1510 All versions V2.16.0...

6.1CVSS7.3AI score0.00591EPSS

Exploits0References1

NVD•added 2023/07/11 10:15 a.m.•12 views

CVE-2023-36386

8.8CVSS7.7AI score0.00591EPSS

Exploits0References1

Cvelist•added 2023/07/11 9:7 a.m.•14 views

CVE-2023-36389

8.8CVSS7.8AI score0.00591EPSS

Exploits0References1

CNNVD•added 2023/07/11 12:0 a.m.•2 views

Siemens RUGGEDCOM ROX 系列多款产品跨站脚本漏洞

8.8CVSS6.5AI score0.00591EPSS

Exploits0References2

CNNVD•added 2023/07/11 12:0 a.m.•2 views

Siemens RUGGEDCOM ROX 系列多款产品跨站脚本漏洞

8.8CVSS6.5AI score0.00772EPSS

Exploits0References2

Veracode•added 2023/06/29 7:35 a.m.•24 views

Cross-site Scripting (XSS)

com.liferay.layout.seo.web is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to the lack of validation of the URLs in the layout module's SEO configuration, which allows an attacker to inject and execute malicious javascript or HTML via the...

6.1CVSS6.4AI score0.00225EPSS

Exploits0References3Affected Software1

Veracode•added 2023/06/26 9:3 a.m.•15 views

Cross-Site Scripting (XSS)

tpwd/kesearch is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly validate user input before it output to the front end, allowing an attacker to inject and execute malicious javascript on victim's browser via indexed data...

6.3CVSS6.1AI score0.00324EPSS

Exploits0References6Affected Software1

Veracode•added 2023/06/21 6:47 a.m.•12 views

Cross Site Scripting (XSS)

@udecode/plate-link is vulnerable to Cross Site Scripting XSS. The vulnerability exists because it does not properly validate url's, which allows an attacker to inject malicious JavaScript script into the system...

8.1CVSS6.3AI score0.00626EPSS

Exploits0References3Affected Software1

Veracode•added 2023/06/20 7:38 a.m.•19 views

Cross-Site Scripting (XSS)

github.com/gitpod-io/gitpod is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly check for user input URLs which leads to redirection for some protocols outside of the trusted set of three vscode: vscode-insiders: jetbrains-gateway:, allowing an attacker to execute...

6.1CVSS10AI score0.00567EPSS

Exploits0References7Affected Software1

CNNVD•added 2023/06/19 12:0 a.m.•1 views

PyBB 跨站脚本漏洞

PyBB is an open source bulletin board for individual developers in Ben, UK. PyBB version 0.1.0 suffers from a cross-site scripting vulnerability that stems from the presence of a cross-site scripting vulnerability that allows an attacker to run malicious JavaScript code on the client side...

5.4CVSS5.5AI score0.00119EPSS

Exploits0References3

OSV•added 2023/06/15 7:15 p.m.•0 views

CVE-2023-29304

Adobe Experience Manager versions 6.5.16.0 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

5.4CVSS6AI score

Exploits0References1

NVD•added 2023/06/15 7:15 p.m.•18 views

CVE-2023-29304

5.4CVSS5AI score0.03891EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by