Lucene search
K

5 matches found

Github Security Blog
Github Security Blog
added 2025/08/18 10:25 p.m.9 views

LibreNMS allows stored XSS in Alert Template name field

Summary A stored Cross-Site Scripting XSS vulnerability exists in LibreNMS alertdocument.cookie/script and filling the other fields with arbitrary content e.g., test, once the template is saved, the script is executed. This confirms that user input is stored and later rendered without proper outp...

5.5CVSS5AI score0.00817EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2023/11/01 12:15 a.m.6 views

CVE-2023-47097

A Stored Cross-Site Scripting XSS vulnerability in the Server Template under System Setting in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Template name field while creating server templates...

5.4CVSS5.9AI score0.00407EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/10/31 12:0 a.m.7 views

PT-2023-30305 · Unknown · Virtualmin

Name of the Vulnerable Software and Affected Versions: Virtualmin version 7.7 Description: A Stored Cross-Site Scripting XSS issue in the Server Template under System Setting in Virtualmin allows remote attackers to inject arbitrary web script or HTML via the Template name field while creating...

5.4CVSS5.2AI score0.00407EPSS
Exploits1References7
OSV
OSV
added 2020/08/31 1:15 p.m.2 views

CVE-2020-15020

An issue was discovered in the Elementor plugin through 2.9.13 for WordPress. An authenticated attacker can achieve stored XSS via the Name Your Template field...

5.4CVSS7AI score0.65037EPSS
Exploits2References2
ATTACKERKB
ATTACKERKB
added 2020/08/31 1:15 p.m.9 views

CVE-2020-15020

An issue was discovered in the Elementor plugin through 2.9.13 for WordPress. An authenticated attacker can achieve stored XSS via the Name Your Template field...

8.8CVSS7.1AI score0.65037EPSS
Exploits2References5
Rows per page
Query Builder