Lucene search
K

4 matches found

CNNVD
CNNVD
added 2025/08/04 12:0 a.m.3 views

Liferay Portal 跨站脚本漏洞

Liferay Portal is a J2EE-based portal solution from the US company Liferay. The solution uses technologies such as EJB as well as JMS, and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, and so on. A cross-site scripting vulnerability exis...

6.1CVSS6.3AI score0.0017EPSS
Exploits0References2
Prion
Prion
added 2015/06/17 6:59 p.m.21 views

Cross site scripting

Cross-site scripting XSS vulnerability in js/wp-seo-metabox.js in the WordPress SEO by Yoast plugin before 2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the posttitle parameter to wp-admin/post-new.php, which is not properly handled in the snippet preview...

4.3CVSS6.3AI score0.03206EPSS
Exploits2References8Affected Software1
NVD
NVD
added 2015/06/17 6:59 p.m.19 views

CVE-2012-6692

Cross-site scripting XSS vulnerability in js/wp-seo-metabox.js in the WordPress SEO by Yoast plugin before 2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the posttitle parameter to wp-admin/post-new.php, which is not properly handled in the snippet preview...

4.3CVSS5.8AI score0.03206EPSS
Exploits2References8
WPVulnDB
WPVulnDB
added 2015/06/12 12:0 a.m.43 views

Yoast SEO <= 2.1.1 - Authenticated Stored DOM XSS

The "snippet preview" functionality of the Yoast WordPress SEO plugin was susceptible to cross-site scripting in versions before 2.2. PoC Vulnerable URL: /wp-admin/post-new.php?posttitle= Vulnerable Code wordpress-seo/js/wp-seo-metabox.js: function ystcleanstr if str == '' || str == undefined...

4.3CVSS0.3AI score0.03206EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder