23 matches found
EUVD-2020-5094
Malware in sbrugna...
EUVD-2022-40660
Malicious code in bioql PyPI...
CVE-2025-32230
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Themeum Tutor LMS tutor.This issue affects Tutor LMS: from n/a through = 3.4.0...
CVE-2025-22402
Dell Update Manager Plugin, versions 1.5.0 through 1.6.0, contains an Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...
CVE-2024-2010
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in TE Informatics V5 allows Reflected XSS. This issue affects V5: before 6.2...
CVE-2024-41697
Priority - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS...
CVE-2024-41697 Priority – CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Priority - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS...
CVE-2024-41697
CVE-2024-41697 corresponds to a Basic XSS (CWE-80) vulnerability with CVSS v3.1 metrics: Network attack vector, low attack complexity, no privileges required, user interaction required, and scope changed. Exploitation status is not indicated in the provided documents; the impact is limited to con...
CVE-2024-41693
Mashov - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS...
CVE-2024-41693 Mashov - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Mashov - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS...
CVE-2024-41693
Mashov (an Israeli instructional management system) has a Cross-Site Scripting (XSS) flaw: CWE-80 due to improper neutralization of script-related HTML tags in web pages. The CVE-2024-41693 entry notes a basic XSS risk with CVSSv3.1 base score 6.1 (NETWORK, UI required, no privileges, changed sco...
CVE-2024-36395 Verint - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Verint - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS...
CVE-2023-49852
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Vsourz Digital Responsive Slick Slider WordPress allows Code Injection.This issue affects Responsive Slick Slider WordPress: from n/a through 1.4...
CVE-2024-32790
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Supsystic Pricing Table by Supsystic allows Code Injection.This issue affects Pricing Table by Supsystic: from n/a through 1.9.12...
CVE-2024-4214
CVE-2024-4214 is a Basic XSS vulnerability in the WordPress Cardealer plugin (Car Dealer). The connected documents indicate an improper neutralization of script-related HTML tags in a Car Dealer web page, affecting the plugin versions up to 4.15. The sources do not provide concrete attack vectors...
Design/Logic Flaw
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Saphira Saphira Connect allows Reflected XSS.This issue affects Saphira Connect: before 9...
CVE-2023-29205 org.xwiki.platform:xwiki-platform-rendering-xwiki vulnerable to stored cross-site scripting via HTML and raw macro
XWiki Commons are technical libraries common to several other top level XWiki projects. The HTML macro does not systematically perform a proper neutralization of script-related html tags. As a result, any user able to use the html macro in XWiki, is able to introduce an XSS attack. This can be...
Siemens XHQ Operations Intelligence
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: XHQ Operations Intelligence Vulnerabilities: Cross-site Request Forgery, Improper Neutralization of Script-Related HTML Tags in a Web Page, Improper Input Validation 2. RISK...
CVE-2018-13375
An Improper Neutralization of Script-Related HTML Tags in Fortinet FortiAnalyzer 5.6.0 and below and FortiManager 5.6.0 and below allows an attacker to send DHCP request containing malicious scripts in the HOSTNAME parameter. The malicious script code is executed while viewing the logs in...
CVE-2018-1000154
Zammad (version 2.3.0 and earlier) contains an Improper Neutralization of Script-Related HTML Tags in email subjects (CWE-80) that can lead to embedding/execution of JavaScript in a user’s browser, exploitable when a ticket is opened. Affected: Zammad