Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6664 matches found

NVD
NVDadded 2023/03/22 6:15 a.m.13 views

CVE-2023-25593

Vulnerabilities within the web-based management interface of ClearPass Policy Manager could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browse...

7.1CVSS6.5AI score0.00213EPSS
Exploits0References1
NVD
NVDadded 2023/03/22 6:15 a.m.11 views

CVE-2023-25592

Vulnerabilities within the web-based management interface of ClearPass Policy Manager could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browse...

7.1CVSS6.5AI score0.00213EPSS
Exploits0References1
Prion
Prionadded 2023/03/22 6:15 a.m.12 views

Cross site scripting

Vulnerabilities within the web-based management interface of ClearPass Policy Manager could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browse...

5.8CVSS6AI score0.00213EPSS
Exploits0References1Affected Software1
Github Security Blog
Github Security Blogadded 2023/03/16 6:35 p.m.22 views

Reflective Cross-site Scripting Vulnerability in twitter-bootstrap-rails

The twitter-bootstrap-rails Gem for Rails contains a flaw that enables a reflected cross-site scripting XSS attack. This flaw exists because the bootstrapflash helper method does not validate input when handling flash messages before returning it to users. This may allow a context-dependent...

2AI score
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2023/03/14 2:52 p.m.14 views

CVE-2023-25593 Reflected Cross Site Scripting Vulnerabilities (XSS) in ClearPass Policy Manager Web-Based Management Interface

Vulnerabilities within the web-based management interface of ClearPass Policy Manager could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browse...

7.1CVSS6.6AI score0.00213EPSS
Exploits0References1
Cvelist
Cvelistadded 2023/03/14 2:51 p.m.12 views

CVE-2023-25592 Reflected Cross Site Scripting Vulnerabilities (XSS) in ClearPass Policy Manager Web-Based Management Interface

Vulnerabilities within the web-based management interface of ClearPass Policy Manager could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browse...

7.1CVSS6.6AI score0.00213EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2023/03/10 12:0 a.m.21 views

Cisco Evolved Programmable Network Manager Stored XSS (cisco-sa-cisco-pi-epnm-xss-mZShH2J)

The version of Cisco Evolved Programmable Network Manager installed on the remote host is prior to 7.0. It is, therefore, affected by a cross-site scripting XSSvulnerability as referenced in the cisco-sa-cisco-pi-epnm-xss-mZShH2J advisory. This vulnerability is due to insufficient validation of...

5.4CVSS5.9AI score0.002EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2023/03/10 12:0 a.m.21 views

Cisco Prime Infrastructure Stored XSS (cisco-sa-cisco-pi-epnm-xss-mZShH2J)

The version of Cisco Prime Infrastructure installed on the remote host is prior to 3.10.3. It is, therefore, affected by a cross-site scripting XSSvulnerability as referenced in the cisco-sa-cisco-pi-epnm-xss-mZShH2J advisory. This vulnerability is due to insufficient validation of user-supplied...

5.4CVSS5.9AI score0.002EPSS
Exploits0References3
Prion
Prionadded 2023/03/03 4:15 p.m.9 views

Cross site scripting

A vulnerability in the file upload functionality of Cisco Webex App for Web could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input. An attacker could...

5.8CVSS6AI score0.00218EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2023/03/03 12:0 a.m.11 views

CVE-2023-20104 Cisco Webex App for Web Cross-Site Scripting Vulnerability

A vulnerability in the file upload functionality of Cisco Webex App for Web could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input. An attacker could...

6.1CVSS6.4AI score0.00218EPSS
Exploits0References1
Cvelist
Cvelistadded 2023/03/03 12:0 a.m.13 views

CVE-2023-20104 Cisco Webex App for Web Cross-Site Scripting Vulnerability

A vulnerability in the file upload functionality of Cisco Webex App for Web could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input. An attacker could...

6.1CVSS6.2AI score0.00218EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2023/03/03 12:0 a.m.10 views

CVE-2023-20069 Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface on an affected device. This...

5.4CVSS6AI score0.002EPSS
Exploits0References1
NVD
NVDadded 2023/03/01 8:15 a.m.9 views

CVE-2023-22778

A vulnerability in the ArubaOS web management interface could allow an authenticated remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the...

4.8CVSS4.9AI score0.00181EPSS
Exploits0References1
NVD
NVDadded 2023/03/01 8:15 a.m.13 views

CVE-2023-20053

A vulnerability in the web-based management interface of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. This vulnerability is due to insufficient user...

6.1CVSS6AI score0.00173EPSS
Exploits0References1
Prion
Prionadded 2023/03/01 8:15 a.m.15 views

Cross site scripting

A vulnerability in the web-based management interface of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. This vulnerability is due to insufficient user...

5.8CVSS5.9AI score0.00173EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2023/02/28 5:5 p.m.12 views

CVE-2023-22778 Authenticated Stored Cross-Site Scripting

A vulnerability in the ArubaOS web management interface could allow an authenticated remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the...

4.8CVSS5.2AI score0.00181EPSS
Exploits0References1
Github Security Blog
Github Security Blogadded 2023/02/17 9:30 p.m.39 views

Moodle Cross-site Scripting vulnerability

The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in some returnurl parameters. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable...

6.1CVSS6.1AI score0.00287EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blogadded 2023/02/17 9:30 p.m.31 views

Moodle Cross-site Scripting vulnerability

The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in blog search. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw...

6.1CVSS6.1AI score0.00287EPSS
Exploits0References5Affected Software1
OSV
OSVadded 2023/02/17 9:30 p.m.19 views

GHSA-97QF-PQ7X-964M Moodle Cross-site Scripting vulnerability

The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in some returnurl parameters. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable...

6.1CVSS5.9AI score0.00287EPSS
Exploits0References5
OSV
OSVadded 2023/02/17 9:30 p.m.22 views

GHSA-GRMJ-GPWM-98WW Moodle Cross-site Scripting vulnerability

The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in blog search. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw...

6.1CVSS5.9AI score0.00287EPSS
Exploits0References5
Rows per page
Query Builder