JetBrains TeamCity 跨站脚本漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools developed by the Czech company JetBrains. This tool offers features such as continuous unit testing, code quality analysis, and reporting on build issues. Versions of JetBrains TeamCity prior to 2026.1.1...

WordPress plugin Geo Mashup 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

Clickedu 跨站脚本漏洞

Clickedu is an academic management platform operated by Clickedu Corporation. Clickedu has a cross-site scripting vulnerability. This vulnerability stems from a reflective cross-site scripting flaw in the endpoint/user.php file. It may allow attackers to execute JavaScript code in the victim’s...

Gainsight Assist 安全漏洞

Gainsight Assist is a customer communication template management tool developed by Gainsight Inc. There is a security vulnerability in Gainsight Assist, which stems from improper handling of the errordescription parameter. This vulnerability may lead to reflective cross-site scripting attacks...

Chamilo 跨站脚本漏洞

Chamilo is an open-source learning management system developed by Chamilo. Versions of Chamilo prior to 1.11.30 had a cross-site scripting vulnerability. This vulnerability stemmed from improper cleaning of the keywordactive parameter in the admin/userlist.php file, which could lead to reflective...

Comodo Dome Firewall 跨站脚本漏洞

Comodo Dome Firewall is a unified threat management and next-generation firewall provided by the Chinese company Comodo. Version 2.7.0 of Comodo Dome Firewall contains a cross-site scripting vulnerability. This vulnerability stems from insufficient input validation of the username parameter at th...

FacturaScripts 跨站脚本漏洞

FacturaScripts is an open-source ERP software developed by Carlos Garcia, a Spanish developer. Versions of FacturaScripts prior to 2025.8 contained a cross-site scripting vulnerability. This vulnerability stemmed from the use of raw filters during error message display, which allowed for skipping...

WordPress plugin TableOn has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

Kentico Xperience 跨站脚本漏洞

Kentico Xperience is a digital experience platform from Kentico. A cross-site scripting vulnerability exists in the Kentico Xperience rich text editor component that can be exploited by an attacker to execute arbitrary script in a user's browser...

IDI Eikon Governalia 跨站脚本漏洞

IDI Eikon Governalia is an e-government and smart city software platform from the Spanish company IDI Eikon. A cross-site scripting vulnerability exists in IDI Eikon Governalia, which stems from reflective cross-site scripting and could lead to the execution of malicious JavaScript code...

WordPress plugin GoStore 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

WeGIA 跨站脚本漏洞

WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A cross-site scripting vulnerability exists in WeGIA versions prior to 3.5.1, which stems from an unvalidated log parameter in configuracaogeral.php and could lead to a reflective cross-site scripting...

wabac.js 跨站脚本漏洞

wabac.js is an open source archive browsing client for Webrecorder. A cross-site scripting vulnerability exists in wabac.js version 2.23.10 and earlier, which stems from an uncleaned and unescaped requestURL parameter that could lead to a reflective cross-site scripting attack...

WordPress plugin Evangelische Termine 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin Mediabay - WordPress Media Library Folders 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Mediabay - WordPre...

WordPress plugin Goodlayers Hotel 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site scripting...

CVE-2022-32127

74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting XSS vulnerability via the path /company/viewbebrowsed/total...

104 eHRMS 跨站脚本漏洞

104 eHRMS is a Human Resource Management System from 104 Inc. A cross-site scripting vulnerability exists in 104 eHRMS V202412 and prior versions, which stems from reflective cross-site scripting and could lead to the execution of arbitrary JavaScript code...

Karaz Karazal 安全漏洞

Karaz Karazal is an innovative digital platform from Karaz that provides intelligent business solutions and services. A security vulnerability exists in Karaz Karazal version 2025-04-14 and earlier, which stems from a parameter lang leading to reflective cross-site scripting...

WordPress plugin Automatic Ban IP 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...