15 matches found
CVE-2026-31352
An authenticated stored cross-site scripting XSS vulnerability in the Role Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Role Name parameter...
GHSA-HQJC-WFVX-X2FV Feehi CMS has an authenticated stored cross-site scripting (XSS) vulnerability via the Role Management module
An authenticated stored cross-site scripting XSS vulnerability in the Role Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Role Name parameter...
CVE-2026-31352
An authenticated stored cross-site scripting XSS vulnerability in the Role Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Role Name parameter...
CVE-2026-31352
Feehi CMS v2.1.1 contains an authenticated stored XSS in the Role Management module, exploitable by injecting a crafted payload into the Role Name field. The affected component is Role Management; the root cause is improper handling/escaping of input in Role Name. No exploit specifics or remedial...
PT-2026-30653
An authenticated stored cross-site scripting XSS vulnerability in the Role Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Role Name parameter...
CVE-2026-31352
An authenticated stored cross-site scripting XSS vulnerability in the Role Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Role Name parameter...
EUVD-2018-10804
Malware in sbrugna...
CVE-2023-27148
A stored cross-site scripting XSS vulnerability in the Admin panel in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Role Name parameter...
CVE-2023-27148
A stored cross-site scripting XSS vulnerability in the Admin panel in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Role Name parameter...
CVE-2023-27148
A stored cross-site scripting XSS vulnerability in the Admin panel in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Role Name parameter...
CVE-2023-27148
A stored cross-site scripting XSS vulnerability in the Admin panel in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Role Name parameter...
Cross site scripting
A stored cross-site scripting XSS vulnerability in the Admin panel in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Role Name parameter...
Enhancesoft osTicket Cross-Site Scripting Vulnerability
Enhancesoft osTicket is an open source ticketing system from Enhancesoft, USA. A security vulnerability exists in Enhancesoft osTicket v1.17.2. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a specially crafted payload injected into the Role Name parameter...
CVE-2023-27148
A stored cross-site scripting XSS vulnerability in the Admin panel in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Role Name parameter...
CVE-2020-25131
An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting XSS due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via the rolename or roledescr parameter to the roles/ URI...