CVE-2023-54360 Joomla JLex Review 6.0.1 Reflected XSS via review_id Parameter

Joomla JLex Review 6.0.1 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the reviewid URL parameter. Attackers can craft malicious links containing JavaScript payloads that execute in victims' browsers when clicked, enablin...

CVE-2025-14340 Admin Account Takeover via malicious URL payload

Cross-site scripting in REST Management Interface in Payara Server 4.1.2.191.54, 5.83.0, 6.34.0, 7.2026.1 allows an attacker to mislead the administrator to change the admin password via URL Payload...