Lucene search
K

7 matches found

Vulnrichment
Vulnrichment
added 2026/04/22 7:32 p.m.9 views

CVE-2026-3673 Frappe Framework 16.10.0 - Stored DOM XSS in Tag Pill Renderer

An authenticated attacker can store a crafted tag value in usertags and trigger JavaScript execution when a victim opens the list/report view where tags are rendered. The vulnerable renderer interpolates tag content into HTML attributes and element content without escaping. This issue affects...

4.6CVSS5.9AI score0.00201EPSS
Exploits1References2
OSV
OSV
added 2024/04/09 6:52 p.m.24 views

GHSA-747V-52C4-8VJ8 Contao: Unencoded insert tags in the frontend

Impact It is possible to inject insert tags via the form generator if the submitted form data is output on the page in a specific way. Patches Update to Contao 4.13.40 or 5.3.4. Workarounds Do not output the submitted form data on the website. References...

3.1CVSS4.4AI score0.00497EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/10/25 12:0 a.m.4 views

Paessler PRTG Network Monitor 跨站脚本漏洞

Paessler PRTG Network Monitor is a full-featured network monitoring and management software from Paessler, Germany. A cross-site scripting vulnerability exists in PRTG Network Monitor version 22.2.77.2204, which originates from the fact that it does not block custom input for device icons and can...

5.3CVSS5.6AI score0.00726EPSS
Exploits1References3
OSV
OSV
added 2019/07/12 6:15 p.m.20 views

CVE-2019-1010310

GLPI GLPI Product 9.3.1 is affected by: Frame and Form tags Injection allowing admins to phish users by putting code in reminder description. The impact is: Admins can phish any user or group of users for credentials / credit cards. The component is: Tools Reminder Description .. Set the...

3.5CVSS7.3AI score
Exploits0References2
exploitpack
exploitpack
added 2008/11/24 12:0 a.m.13 views

VideoScript 3.0 4.1.5.55 - Unofficial Shell Injection

VideoScript 3.0 4.1.5.55 - Unofficial Shell Injection ?php ============================================= = x VideoScript 3.0 = 4.1.5.55 Unofficial Shell Injection Exploit = = x by G4N0K = ============================================= errorreportingEALL; $G4N0K...

1.6AI score
Exploits0
securityvulns
securityvulns
added 2004/07/06 12:0 a.m.43 views

[Full-Disclosure] RS-2004-2: "Content-Type" XSS vulnerability affecting other webmail systems

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =============================== - RS-Labs Security Advisory - =============================== Tittle: "Content-Type" XSS vulnerability affecting other webmail systems ID: RS-2004-2 Severity: Medium / High - Arbitrary tags injection in victim's browser...

5.9AI score
Exploits0
securityvulns
securityvulns
added 2003/02/12 12:0 a.m.38 views

/search/index.cfm crossite scripting

/search/index.cfm allows insert HTML tags via search paramter...

1.8AI score
Exploits0References1
Rows per page
Query Builder