Lucene search
+L

8 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:0 a.m.9 views

CVE-2020-7110

ClearPass is vulnerable to Stored Cross Site Scripting by allowing a malicious administrator, or a compromised administrator account, to save malicious scripts within ClearPass that could be executed resulting in a privilege escalation attack. Resolution: Fixed in 6.7.13, 6.8.4, 6.9.0 and higher...

4.8CVSS6.6AI score0.0062EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-1614

Malware in sbrugna...

5.4CVSS5.4AI score0.00643EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-28244

Malware in sbrugna...

4.8CVSS5.2AI score0.0062EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/02/18 5:54 p.m.10 views

CVE-2024-4028 Keycloak-core: stored xss in keycloak when creating a items in admin console

A vulnerability was found in Keycloak. This issue may allow a privileged attacker to use a malicious payload as the permission while creating items Resource and Permissions from the admin console, leading to a stored cross-site scripting XSS attack...

3.8CVSS5.6AI score0.00278EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/01/06 8:15 p.m.6 views

CVE-2024-55074

The edit profile function of Grocy through 4.3.0 allows stored XSS and resultant privilege escalation by uploading a crafted HTML or SVG file, a different issue than CVE-2024-8370...

9CVSS6.3AI score0.00638EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2022/11/25 12:0 a.m.8 views

CVE-2022-37721

PyroCMS 3.9 is vulnerable to a stored Cross Site Scripting XSS when a low privileged user such as an author, injects a crafted html and javascript payload in a blog post, leading to full admin account takeover or privilege escalation...

6.2AI score0.00701EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/10/31 8:5 p.m.5 views

CVE-2022-40288 Stored cross-site scripting in PHP Point of Sale version 19.0, by PHP Point of Sale, LLC via messaging functionality

The application was vulnerable to an authenticated Stored Cross-Site Scripting XSS in the user profile data fields, which could be leveraged to escalate privileges within and compromise any account that views their user profile...

5.8AI score0.00621EPSS
Exploits0References1
Typo3
Typo3
added 2014/02/12 12:0 a.m.196 views

Several vulnerabilities in third party extensions

Several vulnerabilities have been found in the following third-party TYPO3 extensions: alphasitemap, femanager kestats, outstats, pxphpids, smarty, wecmap Release Date: February 12, 2014 Bulletin update: September 18, 2014 added CVEs Please read first: This Collective Security Bulletin CSB is a...

7.5CVSS7.3AI score0.01688EPSS
Exploits0Affected Software6
Rows per page
Query Builder