8771 matches found
CVE-2026-41098
Improper neutralization of input during web page generation 'cross-site scripting' in Azure Stack Edge allows an authorized attacker to perform spoofing over a network...
CVE-2026-45465
CVE-2026-45465 : The vulnerability affects Microsoft Office SharePoint Server and is due to improper neutralization of input during web page generation, resulting in a cross-site scripting (XSS) issue. An authorized attacker can perform network-based spoofing. According to the provided descriptio...
CVE-2026-45462
The CVE-2026-45462 entry describes an XSS vulnerability in Microsoft Office SharePoint where improper neutralization of input during web page generation can enable spoofing over a network. According to the connected records, impact is limited to spoofing with Confidentiality/Integrity/Availabilit...
CVE-2026-47639
CVE-2026-47639 affects Microsoft Office SharePoint Server. The description identifies an Improper neutralization of input during web page generation (XSS) that enables an authorized attacker to perform spoofing over a network. Connected sources corroborate an XSS payload risk in SharePoint, leadi...
CVE-2026-45500
CVE-2026-45500: A cross-site scripting issue in Microsoft Exchange Server arises from improper neutralization of input during web page generation. This vulnerability could enable an unauthorized attacker to perform spoofing over the network. Documents identify Microsoft Exchange Server as affecte...
CVE-2026-45479
The CVE-2026-45479 entries describe an XSS vulnerability in Microsoft Office SharePoint where improper neutralization of input during web page generation can enable an authorized attacker to perform spoofing over the network. Affected product is SharePoint/SharePoint Server; the root cause is lac...
CVE-2026-45468
CVE-2026-45468 involves an improper neutralization of input during web page generation (XSS) in Microsoft Office SharePoint / SharePoint Server . An authorized attacker can perform spoofing over a network by targeting affected SharePoint web pages. The CVSS 3.1 base score is 4.6 (Medium); attack ...
Microsoft SharePoint Server Spoofing Vulnerability
Improper neutralization of special elements in output used by a downstream component 'injection' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...
Microsoft Exchange Server Spoofing Vulnerability
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...
Microsoft SharePoint Server Spoofing Vulnerability
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...
Microsoft Teams for Android Information Disclosure Vulnerability
Improper neutralization of special elements in output used by a downstream component 'injection' in Microsoft Teams for Android allows an authorized attacker to disclose information over a network...
CVE-2026-7486
Netcad E-İmar is affected by CVE-2026-7486 (SQL injection) due to improper neutralization of special elements in SQL commands. The issue affects E-İmar versions from 2.10.1.0 up to (but not including) 3.0.2. The CVSS 3.1 base score is 9.8 (CRITICAL) with network attack vector, no privileges requi...
PT-2026-47878
Name of the Vulnerable Software and Affected Versions Microsoft Teams for Android affected versions not specified Description Improper neutralization of special elements in output used by a downstream component injection allows an authorized attacker to disclose sensitive information over a netwo...
PT-2026-48037
Name of the Vulnerable Software and Affected Versions Microsoft Office SharePoint affected versions not specified Description Improper neutralization of input during web page generation leads to cross-site scripting, which allows an authorized attacker to perform spoofing over a network. Cross-si...
Apache Answer 安全漏洞
Apache Answer is a community platform of the Apache Foundation in the United States. Versions of Apache Answer 2.0.0 and earlier contained security vulnerabilities. These vulnerabilities were caused by improper neutralization of XSS syntax, resulting in AI-generated content being rendered...
PT-2026-47955
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...
Improper Neutralization of Special Elements in Data Query Logic
Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the @Query regex parameter binding when a bound parameter is placed inside a regular expression literal using \Q...\E quoting e.g. @Query" name : /^\\Q?0\\E$/ "...
PT-2026-48029
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...
PT-2026-47951
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...
PT-2026-47712
Name of the Vulnerable Software and Affected Versions Apache Answer versions prior to 2.0.1 Description Improper Neutralization of Alternate XSS Syntax occurs when AI-generated response content is rendered in the browser without proper sanitization. This allows malicious scripts to be executed wh...