Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/09/13 4:33 p.m.10 views

CVE-2025-10254

A vulnerability was found in Ascensio System SIA OnlyOffice up to 12.7.0. This issue affects some unknown processing of the file /Products/Projects/Messages.aspx of the component SVG Image Handler. Performing manipulation results in cross site scripting. The attack may be initiated remotely. The...

5.1CVSS5.8AI score0.00246EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/11 4:2 p.m.8 views

CVE-2025-10255 Ascensio System SIA OnlyOffice Comment Messages.aspx cross site scripting

A vulnerability was determined in Ascensio System SIA OnlyOffice up to 12.7.0. Impacted is an unknown function of the file /Products/Projects/Messages.aspx of the component Comment Handler. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit h...

5.1CVSS5.3AI score0.00293EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/01/04 12:0 a.m.7 views

Solarwinds WebHelpDesk 跨站脚本漏洞

SolarWinds Web Help Desk is a web-based help desk work order and IT asset management software. A cross-site scripting vulnerability exists in SolarWinds Web Help Desk 12.7.0. The vulnerability can be exploited to conduct a cross-site scripting attack via a CSV template file with a specially craft...

5.4CVSS5.9AI score0.01331EPSS
Exploits1References4
OSV
OSV
added 2020/12/18 9:15 a.m.3 views

CVE-2019-16955

SolarWinds Web Help Desk 12.7.0 allows XSS via an uploaded SVG document in a request...

5.4CVSS5.8AI score0.01656EPSS
Exploits1References3
CNNVD
CNNVD
added 2020/12/18 12:0 a.m.6 views

Solarwinds WebHelpDesk 跨站脚本漏洞

SolarWinds Web Help Desk is a web-based help desk work order and IT asset management software. A cross-site scripting vulnerability exists in SolarWinds Web Help Desk 12.7.0. An attacker can exploit this vulnerability to conduct a cross-site scripting attack via an SVG document uploaded in a...

5.4CVSS5.9AI score0.01656EPSS
Exploits1References4
CNNVD
CNNVD
added 2020/12/18 12:0 a.m.7 views

Solarwinds WebHelpDesk 跨站脚本漏洞

SolarWinds Web Help Desk is a web-based help desk work order and IT asset management software. A cross-site scripting vulnerability exists in SolarWinds Web Help Desk 12.7.0. The vulnerability can be exploited to conduct cross-site scripting attacks via the "name" field of a user account...

5.4CVSS5.9AI score0.0147EPSS
Exploits1References4
Rows per page
Query Builder