Lucene search
K

14 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-38494

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00438EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/23 9:31 a.m.4 views

CVE-2024-26491

A cross-site scripting XSS vulnerability in the Addon JD Flusity 'Media Gallery with description' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Gallery name text field...

6.1CVSS5.7AI score0.00436EPSS
Exploits1References1
veracode
veracode
added 2024/02/22 9:26 a.m.19 views

Cross Site Scripting

Liferay Portal is vulnerable to Cross Site Scripting. The vulnerability is present in the Users Admin module's edit user page. The vulnerability is due to insufficient sanitization of user input in the "Name" text field, allowing remote authenticated users to inject arbitrary web script or HTML v...

9CVSS6.1AI score0.00619EPSS
Exploits0References2Affected Software4
nvd
nvd
added 2024/02/22 6:15 a.m.19 views

CVE-2024-26491

A cross-site scripting XSS vulnerability in the Addon JD Flusity 'Media Gallery with description' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Gallery name text field...

6.1CVSS5.6AI score0.00436EPSS
Exploits1References1
cvelist
cvelist
added 2024/02/22 12:0 a.m.20 views

CVE-2024-26491

A cross-site scripting XSS vulnerability in the Addon JD Flusity 'Media Gallery with description' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Gallery name text field...

5.7AI score0.00436EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2023/10/17 9:28 a.m.17 views

CVE-2023-44310

Stored cross-site scripting XSS vulnerability in Page Tree menu Liferay Portal 7.3.6 through 7.4.3.78, and Liferay DXP 7.3 fix pack 1 through update 23, and 7.4 before update 79 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into page's "Name" text...

9CVSS5.5AI score0.00462EPSS
Exploits0References1
cvelist
cvelist
added 2022/08/26 8:37 p.m.30 views

CVE-2022-36548

Edoc-doctor-appointment-system v1.0.1 was discovered to contain a stored cross-site scripting XSS vulnerability at /patient/settings.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field...

5.5AI score0.00499EPSS
Exploits1References2
prion
prion
added 2022/08/17 9:15 p.m.15 views

Cross site scripting

A cross-site scripting XSS vulnerability in CherryTree v0.99.30 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field when creating a node...

5.8CVSS5.9AI score0.00421EPSS
Exploits0References1Affected Software1
debiancve
debiancve
added 2022/08/17 8:38 p.m.41 views

CVE-2022-35133

A cross-site scripting XSS vulnerability in CherryTree v0.99.30 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field when creating a node...

6.1CVSS5.9AI score0.00421EPSS
Exploits0
osv
osv
added 2022/07/09 12:0 a.m.13 views

GHSA-G688-7J3C-H9F3 Known v1.3.1 Cross-site Scripting

A cross-site scripting XSS vulnerability in Known v1.3.1 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Your Name text field. The researcher report indicates that versions 1.3.1 and prior are vulnerable. Version 1.2.2 is the last...

5.4CVSS5.2AI score0.00797EPSS
Exploits1References5
github
github
added 2022/07/09 12:0 a.m.37 views

Known v1.3.1 Cross-site Scripting

A cross-site scripting XSS vulnerability in Known v1.3.1 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Your Name text field. The researcher report indicates that versions 1.3.1 and prior are vulnerable. Version 1.2.2 is the last...

5.4CVSS5.1AI score0.00797EPSS
Exploits1References6Affected Software1
prion
prion
added 2022/06/27 9:15 p.m.16 views

Cross site scripting

A cross-site scripting XSS vulnerability in the System Settings/IOT Settings module of Delta Electronics DIAEnergie v1.08.00 allows attackers to execute arbitrary web scripts via a crafted payload injected into the Name text field...

4.3CVSS5.9AI score0.00586EPSS
Exploits1References1Affected Software1
osv
osv
added 2021/09/09 11:15 p.m.16 views

CVE-2020-19285

A stored cross-site scripting XSS vulnerability in the /group/apply component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Name text field...

5.4CVSS5.5AI score
Exploits0References2
nvd
nvd
added 2021/09/09 11:15 p.m.17 views

CVE-2020-19285

A stored cross-site scripting XSS vulnerability in the /group/apply component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Name text field...

5.4CVSS0.0066EPSS
Exploits1References2
Rows per page
Query Builder