39 matches found
CVE-2024-36395 Verint - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Verint - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS...
CVE-2023-49852
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Vsourz Digital Responsive Slick Slider WordPress allows Code Injection.This issue affects Responsive Slick Slider WordPress: from n/a through 1.4...
CVE-2023-47663
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2024-32790
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Supsystic Pricing Table by Supsystic allows Code Injection.This issue affects Pricing Table by Supsystic: from n/a through 1.9.12...
CVE-2024-4214
CVE-2024-4214 is a Basic XSS vulnerability in the WordPress Cardealer plugin (Car Dealer). The connected documents indicate an improper neutralization of script-related HTML tags in a Car Dealer web page, affecting the plugin versions up to 4.15. The sources do not provide concrete attack vectors...
Design/Logic Flaw
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Saphira Saphira Connect allows Reflected XSS.This issue affects Saphira Connect: before 9...
Siemens SCALANCE X-200RNA Switch Devices Improper Neutralization of Script-Related HTML Tags in a Web Page (CVE-2022-46350)
A vulnerability has been identified in SCALANCE X204RNA HSR All versions V3.2.7, SCALANCE X204RNA PRP All versions V3.2.7, SCALANCE X204RNA EEC HSR All versions V3.2.7, SCALANCE X204RNA EEC PRP All versions V3.2.7, SCALANCE X204RNA EEC PRP/HSR All versions V3.2.7. The integrated web server could...
CVE-2023-29205 org.xwiki.platform:xwiki-platform-rendering-xwiki vulnerable to stored cross-site scripting via HTML and raw macro
XWiki Commons are technical libraries common to several other top level XWiki projects. The HTML macro does not systematically perform a proper neutralization of script-related html tags. As a result, any user able to use the html macro in XWiki, is able to introduce an XSS attack. This can be...
CVE-2023-29205 org.xwiki.platform:xwiki-platform-rendering-xwiki vulnerable to stored cross-site scripting via HTML and raw macro
XWiki Commons are technical libraries common to several other top level XWiki projects. The HTML macro does not systematically perform a proper neutralization of script-related html tags. As a result, any user able to use the html macro in XWiki, is able to introduce an XSS attack. This can be...
CVE-2022-1293
The embedded neutralization of Script-Related HTML Tag, was by-passed in the case of some extra conditions...
CVE-2022-1293
CVE-2022-1293 is an XSS vulnerability in Citadel client versions 7.1.1 and earlier. It stems from bypassing the embedded neutralization of a Script-Related HTML Tag and can be bypassed under additional conditions. No exploit details are provided in the connected documents.
CVE-2022-1293 XSS vulnerability in Citadel
The embedded neutralization of Script-Related HTML Tag, was by-passed in the case of some extra conditions...
Siemens XHQ Operations Intelligence
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: XHQ Operations Intelligence Vulnerabilities: Cross-site Request Forgery, Improper Neutralization of Script-Related HTML Tags in a Web Page, Improper Input Validation 2. RISK...
CVE-2018-13375
An Improper Neutralization of Script-Related HTML Tags in Fortinet FortiAnalyzer 5.6.0 and below and FortiManager 5.6.0 and below allows an attacker to send DHCP request containing malicious scripts in the HOSTNAME parameter. The malicious script code is executed while viewing the logs in...
CVE-2018-13375
CVE-2018-13375 is an XSS-style vulnerability in Fortinet products where FortiAnalyzer 5.6.0 and earlier and FortiManager 5.6.0 and earlier fail to properly neutralize script-related HTML tags in the DHCP HOSTNAME parameter. An attacker can inject malicious scripts via a DHCP request, and the scri...
CVE-2018-1000154
Zammad (version 2.3.0 and earlier) contains an Improper Neutralization of Script-Related HTML Tags in email subjects (CWE-80) that can lead to embedding/execution of JavaScript in a user’s browser, exploitable when a ticket is opened. Affected: Zammad
Open-Xchange Security Advisory 2014-02-10
Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Internal reference: 30820 Bug ID Vulnerability type: CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page Vulnerable version: 7.4.1 and earlier Vulnerable component: backend Fixed version: 7.2.2-rev31, 7.4.0-rev27,...
Open-Xchange Security Advisory 2014-01-06
Open-Xchange Security Advisory 2014-01-06 Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Internal reference: 30203 Bug ID Vulnerability type: CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page Vulnerable version: 7.4.0 and earlier Vulnerable component: backend Fixe...
Open-Xchange Security Advisory 2013-09-30
Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Internal reference: 28642 Bug ID Vulnerability type: CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page Vulnerable version: prior to 7.2.2 Vulnerable component: backend Fixed version: 7.0.2-rev16, 7.2.2-rev20 Report...