Siemens APE1808 Improper Neutralization of Script in Attributes in a Web Page (CVE-2025-4615)

An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands. This plugin only works with Tenable.ot. Please visit...

CVE-2025-39524

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in bPlugins Html5 Audio Player html5-audio-player allows Stored XSS.This issue affects Html5 Audio Player: from n/a through = 2.2.28...

CVE-2025-39524 WordPress Html5 Audio Player plugin <= 2.2.28 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in bPlugins Html5 Audio Player html5-audio-player allows Stored XSS.This issue affects Html5 Audio Player: from n/a through = 2.2.28...

CVE-2025-32230 WordPress Tutor LMS plugin <= 3.4.0 - HTML Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Themeum Tutor LMS. This issue affects Tutor LMS: from n/a through 3.4.0...

CVE-2025-32200

...

OpenText Service Management Automation X 安全漏洞

OpenText Service Management Automation X is advanced service management made easy by OpenText Canada. Based on embedded machine learning and analytics, it provides a smarter approach to IT Service Management ITSM, IT Asset Management ITAM and Enterprise Service Management ESM. A security...

PT-2025-5198 · Unknown · Ella Van Durpe Slides & Presentations

Name of the Vulnerable Software and Affected Versions: Ella van Durpe Slides & Presentations versions 0.0.0 through 0.0.39 Description: The issue is related to the improper neutralization of script-related HTML tags in a web page, which allows for code injection. This is a basic Cross-Site...

PT-2024-26966 · Verint · Verint

Name of the Vulnerable Software and Affected Versions: Verint affected versions not specified Description: The issue is related to improper neutralization of script-related HTML tags in a web page, which can lead to basic cross-site scripting XSS. Recommendations: At the moment, there is no...

Cross site scripting

A vulnerability in Cisco Jabber Client Framework JCF could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of an affected device. The vulnerability is due to improper neutralization of script in attributes in a web page. An attacker could...