Opencast Cross-Site Scripting Vulnerability

Opencast is a live video support software for large-scale automated video capture, management and distribution from the Opencast organization. Opencast suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied dat...

HCL AION code execution vulnerability (CNVD-2026-16411)

HCL AION is an AI lifecycle management platform from HCL India. HCL AION suffers from a code execution vulnerability that is caused due to a flaw in the content security policy. An attacker can exploit the vulnerability to execute arbitrary scripts inline...

CVE-2025-61417

CVE-2025-61417 is a Cross-Site Scripting (XSS) vulnerability in TastyIgniter 3.7.7, affecting the /admin/media_manager component. An attacker can upload a malicious SVG containing JavaScript; when an administrator previews the file, the code runs in the admin’s browser context, potentially allowi...

CVE-2025-53858

ChatLuck contains a cross-site scripting vulnerability in Chat Rooms. If exploited, an arbitrary script may be executed on the web browser of the user who is accessing the product...

Centreon cross-site scripting vulnerability (CNVD-2025-24648)

Centreon is a set of open source system monitoring tools from France's Centreon. The product mainly provides monitoring functions for resources such as network, system and application programs. Centreon has a security vulnerability that can be exploited by attackers to execute arbitrary Web scrip...

Centreon has an unspecified vulnerability (CNVD-2025-24172)

Centreon is a set of open source system monitoring tools from France's Centreon. The product mainly provides monitoring functions for resources such as network, system and application programs. Centreon has a security vulnerability that can be exploited by attackers to execute arbitrary Web scrip...

Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2025-24163)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of...

Adobe Connects Cross-Site Scripting Vulnerability (CNVD-2025-24428)

Adobe Connect is a software for creating meeting environments from the American company Audobee Adobe. Adobe Connect suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute malicious script in a victim's browser...

CVE-2025-62411 Stored XSS in Alert Transport name field in LibreNMS

LibreNMS is a community-based GPL-licensed network monitoring system. LibreNMS = 25.8.0 contains a Stored Cross-Site Scripting XSS vulnerability in the Alert Transports management functionality. When an administrator creates a new Alert Transport, the value of the Transport name field is stored a...

CVE-2025-53858

ChatLuck contains a cross-site scripting vulnerability in Chat Rooms. If exploited, an arbitrary script may be executed on the web browser of the user who is accessing the product...

CVE-2025-58115

ChatLuck (Guest User Sign-up) is affected by a cross-site scripting vulnerability (CVE-2025-58115). The issue allows arbitrary script execution in a user’s browser when signing up as a guest, per Red Hat, NVD, CVE listings and JVN. The vulnerability affects ChatLuck’s guest signup flow; root caus...

CVE-2025-58115

ChatLuck contains a cross-site scripting vulnerability in Guest User Sign-up. If exploited, an arbitrary script may be executed on the web browser of the user who is accessing the product...

CVE-2025-53858

CVE-2025-53858 affects ChatLuck, a ChatLuck product, with a cross-site scripting vulnerability in Chat Rooms that could allow arbitrary script execution in the web browser of a user accessing the product. The connected Red Hat, NVD, JVN, and CVE records corroborate the issue as a browser-executab...

CVE-2025-53858

ChatLuck contains a cross-site scripting vulnerability in Chat Rooms. If exploited, an arbitrary script may be executed on the web browser of the user who is accessing the product...

D-Link Nuclias Connect 安全漏洞

D-Link Nuclias Connect is a network management software from D-Link for centralized management of wireless access points APs, supporting multi-device remote control and reporting capabilities. D-Link Nuclias Connect suffers from a cross-site scripting vulnerability that stems from the application...

WordPress plugin WP BookWidgets 跨站脚本漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin WP BookWidgets cross-site scripting vulnerability , the vulnerability stems fr...

CVE-2025-62366

mailgen is a Node.js package that generates responsive HTML e-mails for sending transactional mail. Mailgen versions through 2.0.30 contain an HTML injection vulnerability in plaintext emails produced by the generatePlaintext method when user‑generated content is supplied. The function attempts t...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via improper sanitization of the name field in entities. An attacker can execute arbitrary JavaScript in the context of other users' sessions by injecting malicious code into the name field, which is then render...

Centreon 安全漏洞

Centreon is a set of open source system monitoring tools from France's Centreon. The product mainly provides monitoring functions for resources such as network, system and application programs. Centreon cross-site scripting vulnerability , the vulnerability stems from the lack of effective...

Adobe Commerce 跨站脚本漏洞

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of...