Cross site scripting

A cross-site scripting XSS vulnerability in the Addon JD Simple module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title text field...

Cross site scripting

A cross-site scripting XSS vulnerability in the Addon JD Flusity 'Media Gallery with description' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Gallery name text field...

CVE-2024-25875

A cross-site scripting XSS vulnerability in the Header module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Undertitle text field...

CVE-2024-26489

A cross-site scripting XSS vulnerability in the Addon JD Flusity 'Social block links' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Profile Name text field...

Enhavo CMS Security Vulnerability

Enhavo CMS is a content management system from Enhavo. A security vulnerability exists in Enhavo CMS version v0.13.1. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a specially crafted payload injected into the Create Tag text field...

Enhavo CMS Security Vulnerability

Enhavo CMS is a content management system from Enhavo. A security vulnerability exists in Enhavo CMS version v0.13.1. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a specially crafted payload injected into the Title text field...

Enhavo CMS Security Vulnerability

Enhavo CMS is a content management system from Enhavo. A security vulnerability exists in Enhavo CMS version v0.13.1. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a specially crafted payload injected into the Undertitle text field...

flusity CMS Security Vulnerability

flusity CMS is a user-interactive interface solution that can be easily changed or added to code. A security vulnerability exists in flusity CMS version v2.33, which stems from the presence of a cross-site scripting XSS vulnerability that allows an attacker to execute arbitrary web script or HTML...

Mozilla Firefox Security Vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation. A security vulnerability exists in Mozilla Firefox IOS prior to version 122, which originates when opening an external URL using a custom Firefox scheme and a timeout contention condition, and can be exploited by an attack...

Cross site scripting

Cross-site scripting vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to execute an arbitrary script on the web browser of the user who is accessing the management page of the affected...

CVE-2024-25225

A cross-site scripting XSS vulnerability in Simple Admin Panel App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Category Name parameter under the Add Category function...

CVE-2024-25221

A cross-site scripting XSS vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note Section parameter at /TaskManager/Tasks.php...

CVE-2024-25221

CVE-2024-25221 affects Task Manager App v1.0, where a reflected XSS can be triggered via the Note Section parameter in /TaskManager/Tasks.php. The CVE entry lists a CVSS v3.1 base score of 6.1 (Medium) with network attack vector, low attack complexity, no privileges, user interaction required, an...

CVE-2024-25224

A cross-site scripting XSS vulnerability in Simple Admin Panel App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Size Number parameter under the Add Size function...

CVE-2024-25300

A cross-site scripting XSS vulnerability in Redaxo v5.15.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter in the Template section...

CVE-2023-52059

A cross-site scripting XSS vulnerability in Gestsup v3.2.46 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description text field...

Cotonti CMS Cross-Site Scripting Vulnerability

Cotonti CMS is a powerful open source web development framework and content manager from Cotonti. A cross-site scripting vulnerability exists in Cotonti CMS version v0.9.24, which stems from a cross-site scripting vulnerability in the Edit Page feature that allows an authenticated attacker to...

CentOS 8 : libreoffice (CESA-2023:0089)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:0089 advisory. - libreoffice: Execution of Untrusted Macros Due to Improper Certificate Validation CVE-2022-26305 - libreoffice: Static Initialization Vector Allows t...

Cross site scripting

A stored XSS vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus proxy settings, which could lead to the execution of remote arbitrary scripts...

Tenable Network Security Nessus Cross-Site Scripting Vulnerability

Tenable Network Security Nessus is an open source system vulnerability scanner from Tenable Network Security, USA. Nessus suffers from a cross-site scripting vulnerability. A remote attacker exploiting this vulnerability may be able to change Nessus proxy settings, which could lead to the executi...