Lucene search
+L

5 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/19 9:9 p.m.8 views

CVE-2026-34241

CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contain a Stored Cross-Site Scripting XSS vulnerability in the ticket reply notification system. Unsanitized reply content $newmessage is stored directly in database notification payloads and later rendered...

8.7CVSS6AI score0.00349EPSS
Exploits0References3Affected Software1
Snyk
Snyk
added 2026/02/03 11:49 a.m.3 views

Cross-site Scripting (XSS)

Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS via improper sanitization of AI prompt responses. An attacker can execute arbitrary scripts in the context of another user's session by injecting malicious HTML or JavaScrip...

8.5CVSS5.5AI score0.00232EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.7 views

PT-2025-50272

Name of the Vulnerable Software and Affected Versions MailEnable versions prior to 10.54 Description MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the WindowContext parameter of the ''/Mondo/lang/sys/Forms/MAI/compose.aspx'' endpoint. The...

5.3CVSS5.6AI score0.00344EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 8:50 a.m.11 views

CVE-2024-37763

MachForm up to version 19 is affected by an unauthenticated stored cross-site scripting which affects users with valid sessions whom can view compiled forms results...

5.4CVSS6.1AI score0.00672EPSS
Exploits1References1
OSV
OSV
added 2023/12/07 6:15 p.m.5 views

CVE-2023-6333

The affected ControlByWeb Relay products are vulnerable to a stored cross-site scripting vulnerability, which could allow an attacker to inject arbitrary scripts into the endpoint of a web interface that could run malicious javascript code during a user's session...

5.4CVSS5.9AI score0.00416EPSS
Exploits0References1
Rows per page
Query Builder