Lucene search
K

10 matches found

CNNVD
CNNVD
added 2026/03/05 12:0 a.m.11 views

Koha 安全漏洞

Koha is a library automation management system developed by the Koha organization. Versions of Koha prior to 25.11 contained a security vulnerability, which stemmed from a cross-site scripting vulnerability in the News feature. This vulnerability could allow remote attackers to execute arbitrary...

5.4CVSS5.9AI score0.00372EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-2494

Malware in sbrugna...

4.8CVSS5.1AI score0.00534EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/03/07 12:0 a.m.5 views

Schoolbox Cross-Site Scripting Vulnerability

Schoolbox is an online learning platform from Schoolbox Australia. A cross-site scripting vulnerability exists in Schoolbox versions prior to 23.1.3, which stems from a cross-site scripting vulnerability in the News feature that allows an authenticated attacker to perform a secure operation in an...

7.3CVSS6AI score0.00331EPSS
Exploits0References3
Veracode
Veracode
added 2023/06/30 8:36 a.m.19 views

Cross-site Scripting (XSS)

sheng/yiicms is vulnerable to Cross-Site Scripting XSS. The vulnerability exists due to the lack of a validation in the news features form elements, which allows an attacker to inject and execute arbitrary JavaScript into the browser...

5.4CVSS6.5AI score0.00553EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2022/10/31 9:15 p.m.4 views

CVE-2022-39020

Multiple instances of XSS stored and reflected was found in the application. For example, features such as student assessment submission, file upload, news, ePortfolio and calendar event creation were found to be vulnerable to cross-site scripting...

6.1CVSS5.6AI score0.00383EPSS
Exploits0References1
OSV
OSV
added 2021/07/26 9:15 p.m.4 views

CVE-2020-23241

Cross Site Scripting XSS vulnerability in CMS Made Simple 2.2.14 in "Extra" via 'News Article" feature...

4.8CVSS5.8AI score0.00473EPSS
Exploits1References1
OSV
OSV
added 2018/04/26 5:29 a.m.3 views

CVE-2018-10422

An issue was discovered in HongCMS 3.0.0. The post news feature has Stored XSS via the content field...

4.8CVSS5.8AI score0.00534EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/04/26 5:0 a.m.19 views

CVE-2018-10422

An issue was discovered in HongCMS 3.0.0. The post news feature has Stored XSS via the content field...

4.9AI score0.00534EPSS
Exploits1References1
CNVD
CNVD
added 2018/04/26 12:0 a.m.5 views

HongCMS Cross-Site Scripting Vulnerability

HongCMS is an open source lightweight content management system CMS. A cross-site scripting vulnerability exists in the Add News feature in HongCMS version 3.0.0. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML with the help of a content field...

4.8CVSS5.9AI score0.00534EPSS
Exploits1References1
Prion
Prion
added 2017/03/24 3:59 p.m.24 views

Cross site scripting

XSS exists in the CMS Made Simple CMSMS 2.1.6 "Content--News--Add Article" feature via the m1title parameter. Someone must login to conduct the attack...

3.5CVSS5.2AI score0.0052EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder