68 matches found
CVE-2025-53397
A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting (XSS) attack. By exploiting this flaw, an attacker could execute unauthorized scripts in the user's browser, potentially leading to information disclosure or other...
CVE-2025-41442 Advantech iView Cross-site Scripting
A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting (XSS) attack. By manipulating certain input parameters, an attacker could execute unauthorized scripts in the user's browser, potentially leading to information disclosu...
CVE-2025-53519 Advantech iView Cross-site Scripting
A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting (XSS) attack. By manipulating specific parameters, an attacker could execute unauthorized scripts in the user's browser, potentially leading to information disclosure or...
CVE-2025-53519
Advantech iView is affected in versions prior to 5.7.05 build 7057. The CVE describes a reflected cross-site scripting (XSS) vulnerability triggered by manipulating certain input parameters, allowing an attacker to execute scripts in a user’s browser and potentially cause information disclosure o...
CVE-2025-53397 Advantech iView Cross-site Scripting
A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting (XSS) attack. By exploiting this flaw, an attacker could execute unauthorized scripts in the user's browser, potentially leading to information disclosure or other...
CVE-2025-53397
CVE-2025-53397 affects Advantech iView versions prior to 5.7.05 build 7057 and enables a reflected cross-site scripting (XSS) attack. Exploitation could cause the execution of unauthorized scripts in a user’s browser, potentially leading to information disclosure. Mitigation: upgrade to version 5...
CVE-2024-0605
Using a javascript: URI with a setTimeout race condition, an attacker can execute unauthorized scripts on top origin sites in urlbar. This bypasses security measures, potentially leading to arbitrary code execution or unauthorized actions within the user's loaded webpage. This vulnerability affec...
CVE-2024-26283
An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme. This vulnerability affects Firefox for iOS 123...
CVE-2024-12529
The brodos.net Onlineshop Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'BrodosCategory' shortcode in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...
CVE-2025-30362
WeGIA is a Web manager for charitable institutions. A stored Cross-Site Scripting (XSS) vulnerability was identified in versions prior to 3.2.8. This vulnerability allows unauthorized scripts to be executed within the user's browser context. Stored XSS is particularly critical, as the malicious cod...
CVE-2025-30363
WeGIA is a Web manager for charitable institutions. A stored Cross-Site Scripting (XSS) vulnerability was identified in versions prior to 3.2.6. This vulnerability allows unauthorized scripts to be executed within the user's browser context. Stored XSS is particularly critical, as the malicious cod...
CVE-2025-30363
WeGIA is a web management platform for charitable organizations that contains a stored XSS vulnerability in versions prior to 3.2.6. The issue allows attacker-supplied scripts to be preserved on the server and executed in users’ browsers when affected pages load. The vulnerability is fixed in ver...
CVE-2025-30362
WeGIA Web manager contains a stored Cross-Site Scripting (XSS) vulnerability in versions prior to 3.2.8. The issue allows malicious scripts to be stored on the server and executed in the browser context when pages are loaded, potentially affecting all users accessing the affected pages. Version 3...
CVE-2025-30362 WeGIA vulnerable to Stored XSS in documentos_funcionario.php parameter id
WeGIA is a Web manager for charitable institutions. A stored Cross-Site Scripting (XSS) vulnerability was identified in versions prior to 3.2.8. This vulnerability allows unauthorized scripts to be executed within the user's browser context. Stored XSS is particularly critical, as the malicious cod...
PT-2025-13382 · Wegia · Wegia
Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.2.8. Description: A stored Cross-Site Scripting (XSS) issue was identified, allowing unauthorized scripts to be executed within the user's browser context. This type of XSS is particularly critical because the malicious...
Cross Site Scripting (XSS)
Svelte is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper HTML escaping during server-side rendering, allowing an attacker to inject malicious content and execute unauthorized scripts in the victim's browser...
GoCD: XSS in new.loading.page.html
A cross-site scripting vulnerability was found in new.loading.page.html due to inadequate handling of query parameters. This allowed attackers to insert javascript URIs as redirectors, leading to unauthorized script execution...
Cross-site Scripting (XSS)
Concrete CMS is vulnerable to cross-site scripting. The vulnerability is due to improper input validation, allowing an administrator to inject malicious code through the Layout Preset name, posing a risk of executing unauthorized scripts within the context of the targeted user's browser...
CVE-2024-1563
An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme and a timeout race condition. This vulnerability affects Focus for iOS 122...