3 matches found
CVE-2025-54862 Santesoft Sante PACS Server Cross-site Scripting
Sante PACS Server web portal is vulnerable to stored cross-site scripting. An attacker could inject malicious HTML codes redirecting a user to a malicious webpage and stealing the user's cookie...
CVE-2025-46549 Yeswiki Vulnerable to Unauthenticated Reflected Cross-site Scripting
YesWiki is a wiki system written in PHP. Prior to version 4.5.4, an attacker can use a reflected cross-site scripting attack to steal cookies from an authenticated user by having them click on a malicious link. Stolen cookies allow the attacker to take over the user’s session. This vulnerability...
Pimcore has Cross site Scripting vulnerability in Schedule tab of Documents
Impact This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Patches Update to version 10.5.19 or apply this patch manually...