CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

CVE-2026-7308

An authenticated user with upload permission to a hosted repository can store content that causes arbitrary JavaScript to execute in the browser of any user who browses that repository directory via the HTML index page in Sonatype Nexus Repository versions 3.6.0 through versions before 3.92.0. Th...

5.1CVSS5.7AI score0.00052EPSS

Exploits0References1

Positive Technologies•added 2025/09/29 12:0 a.m.•2 views

PT-2025-39854

Name of the Vulnerable Software and Affected Versions FairSketch RISE Ultimate Project Manager & CRM version 3.9.4 Description A cross-site scripting XSS issue exists in FairSketch RISE Ultimate Project Manager & CRM. An administrator can store a JavaScript payload via the file explorer within th...

6.1CVSS5.7AI score0.00037EPSS

Exploits2References6

CNNVD•added 2024/05/17 12:0 a.m.•2 views

Rocketsoft Rocket LMS 跨站脚本漏洞

RocketSoft Rocket LMS is a full-featured Learning Management System from RocketSoft, Inc. A security vulnerability exists in Rocketsoft Rocket LMS version 1.9 that stems from the presence of a cross-site scripting XSS vulnerability that allows administrators to store JavaScript payloads using the...

4.8CVSS4.7AI score0.01054EPSS

Exploits4References4

CNNVD•added 2024/03/14 12:0 a.m.•1 views

SonicWALL SonicOS Cross-Site Scripting Vulnerability

SonicWALL SonicOS is a suite of operating systems from SonicWALL, Inc. designed for use with SonicWall firewall appliances. A cross-site scripting vulnerability exists in SonicWALL SonicOS that stems from the presence of cross-site scripting that allows an authenticated, remote attacker to store...

8.3CVSS6.5AI score0.00233EPSS

Exploits0References2

OSV•added 2023/12/13 7:15 p.m.•3 views

CVE-2023-6789

A cross-site scripting XSS vulnerability in Palo Alto Networks PAN-OS software enables a malicious authenticated read-write administrator to store a JavaScript payload using the web interface. Then, when viewed by a properly authenticated administrator, the JavaScript payload executes and disguis...

4.8CVSS5.7AI score0.00163EPSS

Exploits0References1

Positive Technologies•added 2023/11/09 12:0 a.m.•4 views

PT-2023-8655 · Palo Alto Networks · Pan-Os

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks PAN-OS affected versions not specified Description: A cross-site scripting XSS issue in the web interface of Palo Alto Networks PAN-OS software allows a malicious authenticated read-write administrator to store a JavaScript...

8.3CVSS5.8AI score0.00533EPSS

Exploits0References8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by