14 matches found
CVE-2023-50707
Through the exploitation of active user sessions, an attacker could send custom requests to cause a denial-of-service condition on the device...
EUVD-2018-11866
Malware in sbrugna...
EUVD-2020-14753
Malware in sbrugna...
EUVD-2016-9512
Malware in sbrugna...
EUVD-2025-0057
Malicious code in bioql PyPI...
CVE-2025-0602
A stored Cross-site Scripting XSS vulnerability affecting Compare in Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...
CVE-2024-6585
Multiple stored cross-site scripting “XSS” vulnerabilities in the markdown dashboard and dashboard comment functionality of Lightdash version 0.1024.6 allows remote authenticated threat actors to inject malicious scripts into vulnerable web pages. A threat actor could potentially exploit this...
CVE-2019-17653
A Cross-Site Request Forgery CSRF vulnerability in the user interface of Fortinet FortiSIEM 5.2.5 could allow a remote, unauthenticated attacker to perform arbitrary actions using an authenticated user's session by persuading the victim to follow a malicious link...
CVE-2025-43861
ManageWiki is a MediaWiki extension allowing users to manage wikis. Prior to commit 2f177dc, ManageWiki is vulnerable to reflected or stored XSS in the review dialog. A logged-in attacker must change a form field to include a malicious payload. If that same user then opens the "Review Changes"...
CVE-2025-30342
An XSS issue was discovered in OpenSlides before 4.2.5. When submitting descriptions such as Moderator Notes or Agenda Topics, an editor is shown that allows one to format the submitted text. This allows insertion of various HTML elements. When trying to insert a SCRIPT element, it is properly...
CVE-2025-0601
A stored Cross-site Scripting XSS vulnerability affecting Issue Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session...
CVE-2023-50707 Uncontrolled Resource Consumption in EFACEC BCU 500
Through the exploitation of active user sessions, an attacker could send custom requests to cause a denial-of-service condition on the device...
CVE-2023-30742 Cross-Site Scripting (XSS) vulnerability in SAP CRM (WebClient UI)
SAP CRM WebClient UI - versions S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, S4FND 107, WEBCUIF 700, WEBCUIF 701, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled inputs, resulting in a stored Cross-Site Scripting...
OpenBB 1.0.0 RC3 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/4824/info OpenBB is web forum software written in PHP. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems. It has been reported that OpenBB is vulnerable to a cross-site scripting attack. Attackers may exploit...