Lucene search
+L

566 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-1196

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00372EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-1759

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00758EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-40459

Malicious code in bioql PyPI...

5.4CVSS6.5AI score0.00248EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-37278

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00397EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2022-2122

Malicious code in bioql PyPI...

4.8CVSS5.1AI score0.0061EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-26856

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00307EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/25 2:52 p.m.1 views

CVE-2025-59838 Monkeytype Vulnerable to Self-XSS on loading saved custom text

Monkeytype is a minimalistic and customizable typing test. In versions 25.36.0 and prior, improper handling of user input when loading a saved custom text results in XSS. This issue has been fixed in version 25.44.0...

2.4CVSS6.4AI score0.00216EPSS
Exploits1References3
CVE
CVE
added 2025/09/25 2:52 p.m.14 views

CVE-2025-59838

CVE-2025-59838 describes a self-XSS vulnerability in Monkeytype prior to version 25.44.0, triggered by improper handling of user input when loading a saved custom text. The issue affects Monkeytype versions up to 25.36.0, where loading saved text could execute unintended scripts. The fixed versio...

5.4CVSS6.4AI score0.00216EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2025/09/15 9:17 p.m.10 views

CVE-2025-6999 WatchGuard Firebox Authentication Portal Request Smuggling Vulnerability

An HTTP Request Smuggling CWE-444 vulnerability in the Authentication portal of WatchGuard Fireware OS allows a remote attacker to evade request parameter sanitation and perform a reflected self-Cross-Site Scripting XSS attack.This issue affects Fireware OS: from 12.0 through 12.11.2...

6.9CVSS0.0052EPSS
Exploits0References1
Hacker One
Hacker One
added 2025/08/31 5:16 a.m.9 views

Cloudflare Public Bug Bounty: [Variation of #1554049] 1-Click Chaining of Self-XSS, Cookie Tossing and AntiCSRF Token Prediction leads to auto approval in Access Temp Auth

A vulnerability was discovered in Cloudflare Access that could allow for unauthorized approvals within the Temporary Auth workflow. The issue was resolved after the researcher reported it to Cloudflare...

5.8AI score
Exploits0
Vulnrichment
Vulnrichment
added 2025/08/01 11:26 p.m.4 views

CVE-2025-54789 Files is Vulnerable to Reflected Self-XSS through its File Move Functionality

Files is a module for managing files inside spaces and user profiles. In versions 0.16.9 and below, the File Move functionality does not contain logic that prevents injection of arbitrary JavaScript, which can lead to Browser JS code execution in the context of the user’s session. This is fixed i...

5.1CVSS7.9AI score0.00261EPSS
Exploits0References3
CVE
CVE
added 2025/08/01 11:26 p.m.22 views

CVE-2025-54789

The CVE-2025-54789 entry relates to the Files module, specifically the File Move functionality. Versions ≤ 0.16.9 allow injection of arbitrary JavaScript, enabling Browser JavaScript execution in the user’s session. This is the underlying issue described across multiple sources (NVD, Red Hat advi...

6.1CVSS7.9AI score0.00261EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/08/01 11:26 p.m.9 views

CVE-2025-54789 Files is Vulnerable to Reflected Self-XSS through its File Move Functionality

Files is a module for managing files inside spaces and user profiles. In versions 0.16.9 and below, the File Move functionality does not contain logic that prevents injection of arbitrary JavaScript, which can lead to Browser JS code execution in the context of the user’s session. This is fixed i...

5.1CVSS0.00261EPSS
Exploits0References3
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2025/07/23 9:39 p.m.11 views

rsmail

Extension: RSMail! Version: Old 1.22.26, 1.22.27, 1.22.28 / New 1.22.29 Update details: Versions affected 1.19.20 through 1.22.28. Self XSS allows remote authenticated attackers to inject arbitrary web script or HTML via a crafted parameter. Fixed in 1.22.29 Update URL:...

5.6AI score
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 10:27 a.m.10 views

CVE-2024-43808

In JetBrains TeamCity before 2024.07.1 self XSS was possible in the HashiCorp Vault plugin...

5.4CVSS6AI score0.00248EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 10:1 a.m.11 views

CVE-2024-29865

Logpoint before 7.1.0 allows Self-XSS on the LDAP authentication page via the username to the LDAP login form...

5.4CVSS7.2AI score0.00307EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:43 a.m.7 views

CVE-2024-21730

The fancyselect list field layout does not correctly escape inputs, leading to a self-XSS vector...

5.4CVSS6.7AI score0.00424EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:31 a.m.5 views

CVE-2024-26481

Kirby CMS v4.1.0 was discovered to contain a reflected self-XSS vulnerability via the URL parameter...

4.7CVSS7.2AI score0.00405EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:38 a.m.7 views

CVE-2024-32468

Deno is a runtime for JavaScript and TypeScript written in rust. Several cross-site scripting vulnerabilities existed in the denodoc crate which lead to Self-XSS with deno doc --html. 1. XSS in generated searchindex.js, denodoc outputs a JavaScript file for searching. However, the generated file...

5.4CVSS5.5AI score0.00325EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:24 a.m.13 views

CVE-2022-46904

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Self-XSS...

5.4CVSS6.5AI score0.00341EPSS
Exploits0
Rows per page
Query Builder