Lucene search
K

8771 matches found

NVD
NVD
added 2026/06/09 5:17 p.m.12 views

CVE-2026-41098

Improper neutralization of input during web page generation 'cross-site scripting' in Azure Stack Edge allows an authorized attacker to perform spoofing over a network...

8.4CVSS0.00814EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 5:5 p.m.19 views

CVE-2026-45465

CVE-2026-45465 : The vulnerability affects Microsoft Office SharePoint Server and is due to improper neutralization of input during web page generation, resulting in a cross-site scripting (XSS) issue. An authorized attacker can perform network-based spoofing. According to the provided descriptio...

5.4CVSS5.4AI score0.0051EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/06/09 5:5 p.m.20 views

CVE-2026-45462

The CVE-2026-45462 entry describes an XSS vulnerability in Microsoft Office SharePoint where improper neutralization of input during web page generation can enable spoofing over a network. According to the connected records, impact is limited to spoofing with Confidentiality/Integrity/Availabilit...

5.4CVSS5.4AI score0.00505EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/06/09 5:5 p.m.30 views

CVE-2026-47639

CVE-2026-47639 affects Microsoft Office SharePoint Server. The description identifies an Improper neutralization of input during web page generation (XSS) that enables an authorized attacker to perform spoofing over a network. Connected sources corroborate an XSS payload risk in SharePoint, leadi...

5.4CVSS5.4AI score0.0051EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/06/09 5:4 p.m.39 views

CVE-2026-45500

CVE-2026-45500: A cross-site scripting issue in Microsoft Exchange Server arises from improper neutralization of input during web page generation. This vulnerability could enable an unauthorized attacker to perform spoofing over the network. Documents identify Microsoft Exchange Server as affecte...

6.1CVSS5.4AI score0.00375EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2026/06/09 5:4 p.m.20 views

CVE-2026-45479

The CVE-2026-45479 entries describe an XSS vulnerability in Microsoft Office SharePoint where improper neutralization of input during web page generation can enable an authorized attacker to perform spoofing over the network. Affected product is SharePoint/SharePoint Server; the root cause is lac...

5.4CVSS5.4AI score0.00505EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/06/09 5:4 p.m.30 views

CVE-2026-45468

CVE-2026-45468 involves an improper neutralization of input during web page generation (XSS) in Microsoft Office SharePoint / SharePoint Server . An authorized attacker can perform spoofing over a network by targeting affected SharePoint web pages. The CVSS 3.1 base score is 4.6 (Medium); attack ...

5.4CVSS5.4AI score0.00505EPSS
Exploits0References1Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.14 views

Microsoft SharePoint Server Spoofing Vulnerability

Improper neutralization of special elements in output used by a downstream component 'injection' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

7.3CVSS7AI score0.00559EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.10 views

Microsoft Exchange Server Spoofing Vulnerability

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...

6.1CVSS5.4AI score0.00375EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.8 views

Microsoft SharePoint Server Spoofing Vulnerability

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

5.4CVSS7AI score0.00505EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.18 views

Microsoft Teams for Android Information Disclosure Vulnerability

Improper neutralization of special elements in output used by a downstream component 'injection' in Microsoft Teams for Android allows an authorized attacker to disclose information over a network...

8.1CVSS5.4AI score0.01259EPSS
Exploits0
CVE
CVE
added 2026/06/09 12:24 p.m.32 views

CVE-2026-7486

Netcad E-İmar is affected by CVE-2026-7486 (SQL injection) due to improper neutralization of special elements in SQL commands. The issue affects E-İmar versions from 2.10.1.0 up to (but not including) 3.0.2. The CVSS 3.1 base score is 9.8 (CRITICAL) with network attack vector, no privileges requi...

9.8CVSS5.6AI score0.00275EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.16 views

PT-2026-47878

Name of the Vulnerable Software and Affected Versions Microsoft Teams for Android affected versions not specified Description Improper neutralization of special elements in output used by a downstream component injection allows an authorized attacker to disclose sensitive information over a netwo...

8.1CVSS5.1AI score0.01259EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.13 views

PT-2026-48037

Name of the Vulnerable Software and Affected Versions Microsoft Office SharePoint affected versions not specified Description Improper neutralization of input during web page generation leads to cross-site scripting, which allows an authorized attacker to perform spoofing over a network. Cross-si...

5.4CVSS6.8AI score0.00505EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.7 views

Apache Answer 安全漏洞

Apache Answer is a community platform of the Apache Foundation in the United States. Versions of Apache Answer 2.0.0 and earlier contained security vulnerabilities. These vulnerabilities were caused by improper neutralization of XSS syntax, resulting in AI-generated content being rendered...

6.1CVSS5.3AI score0.00406EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.19 views

PT-2026-47955

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

4.6CVSS7.1AI score0.00505EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/09 12:0 a.m.10 views

Improper Neutralization of Special Elements in Data Query Logic

Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the @Query regex parameter binding when a bound parameter is placed inside a regular expression literal using \Q...\E quoting e.g. @Query" name : /^\\Q?0\\E$/ "...

8.2CVSS5.3AI score0.00262EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.11 views

PT-2026-48029

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...

8.1CVSS5.4AI score0.00353EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.10 views

PT-2026-47951

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

5.4CVSS7.1AI score0.0051EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.14 views

PT-2026-47712

Name of the Vulnerable Software and Affected Versions Apache Answer versions prior to 2.0.1 Description Improper Neutralization of Alternate XSS Syntax occurs when AI-generated response content is rendered in the browser without proper sanitization. This allows malicious scripts to be executed wh...

6.1CVSS5AI score0.00406EPSS
Exploits0References6
Rows per page
Query Builder