CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2.0p33, 2.1.0p47 and 2.0.0 EOL allowed malicious users to execute...

6.1CVSS5.9AI score0.00419EPSS

Exploits0References2

RedhatCVE•added 2025/05/23 4:17 a.m.•4 views

CVE-2023-41588

A cross-site scripting XSS vulnerability in Time to SLA plugin v10.13.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the durationFormat parameter...

6.1CVSS5.8AI score0.00411EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:50 p.m.•13 views

CVE-2020-12629

include/class.sla.php in osTicket before 1.14.2 allows XSS via the SLA Name...

5.4CVSS5.8AI score0.01504EPSS

Exploits1

NVD•added 2024/10/11 9:15 p.m.•13 views

CVE-2024-48937

Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows XSS. JavaScript code in the short description of the SLA field in Activity Dialogues is executed...

6.1CVSS0.00365EPSS

Exploits0References3

OSV•added 2024/10/11 9:15 p.m.•8 views

CVE-2024-48937

Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows XSS. JavaScript code in the short description of the SLA field in Activity Dialogues is executed...

6.1CVSS7AI score

Exploits0References3

OSV•added 2024/10/11 9:15 p.m.•1 views

DEBIAN-CVE-2024-48937

Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows XSS. JavaScript code in the short description of the SLA field in Activity Dialogues is executed...

6.1CVSS5.3AI score0.00365EPSS

Exploits0References1

OSV•added 2024/10/11 9:15 p.m.•0 views

UBUNTU-CVE-2024-48937

Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows XSS. JavaScript code in the short description of the SLA field in Activity Dialogues is executed...

6.1CVSS5.8AI score0.00365EPSS

Exploits0References5

CNNVD•added 2024/10/11 12:0 a.m.•1 views

Znuny 安全漏洞

Znuny is a work order system from Znuny, Inc. A security vulnerability exists in Znuny versions 6.5.1 through 6.5.10, 7.0.1 through 7.0.16, and 6.0, which stems from a cross-site scripting vulnerability in which JavaScript code in the short description of the SLA field in the Activity dialog box...

6.1CVSS6AI score0.00365EPSS

Exploits0References3

Positive Technologies•added 2024/10/11 12:0 a.m.•6 views

PT-2024-33283 · Znuny +1 · Znuny +1

Name of the Vulnerable Software and Affected Versions: Znuny versions prior to 6.5.1 through 6.5.10 Znuny versions 7.0.1 through 7.0.16 Description: The issue allows for XSS, where JavaScript code in the short description of the SLA field in Activity Dialogues is executed. Recommendations: For...

6.1CVSS7.3AI score0.00365EPSS

Exploits0References13

Vulnrichment•added 2024/10/11 12:0 a.m.•12 views

CVE-2024-48937

Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows XSS. JavaScript code in the short description of the SLA field in Activity Dialogues is executed...

7AI score0.00365EPSS

Exploits0References3

CVE•added 2024/10/11 12:0 a.m.•55 views

CVE-2024-48937

Znuny has a cross-site scripting vulnerability (CVE-2024-48937) affecting Znuny before LTS 6.5.1–6.5.10 and 7.0.1–7.0.16, where JavaScript executed from the short description of the SLA field in Activity Dialogues can be triggered. The underlying issue is an XSS in the SLA short description conte...

6.1CVSS7.3AI score0.00365EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by