CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Cvelist•added 2023/05/08 1:58 p.m.•16 views

CVE-2023-1651 ChatBot < 4.4.9 - Subscriber+ OpenAI Settings Update to Stored XSS

The AI ChatBot WordPress plugin before 4.4.9 does not have authorisation and CSRF in the AJAX action responsible to update the OpenAI settings, allowing any authenticated users, such as subscriber to update them. Furthermore, due to the lack of escaping of the settings, this could also lead to...

5.4AI score0.00242EPSS

Exploits2References1

NVD•added 2022/10/13 11:15 p.m.•14 views

CVE-2022-35134

Boodskap IoT Platform v4.4.9-02 contains a cross-site scripting XSS vulnerability...

5.4CVSS0.00438EPSS

Exploits1References1

Prion•added 2022/10/13 11:15 p.m.•12 views

Cross site scripting

Boodskap IoT Platform v4.4.9-02 contains a cross-site scripting XSS vulnerability...

4.9CVSS5.3AI score0.00438EPSS

Exploits1References1Affected Software1

Cvelist•added 2022/10/13 12:0 a.m.•25 views

CVE-2022-35134

Boodskap IoT Platform v4.4.9-02 contains a cross-site scripting XSS vulnerability...

5.5AI score0.00438EPSS

Exploits1References1

CVE•added 2022/10/13 12:0 a.m.•52 views

CVE-2022-35134

The CVE-2022-35134 case concerns Boodskap IoT Platform v4.4.9-02, with a cross-site scripting (XSS) vulnerability in the web application. The connected documents identify the affected product/version and attribute the root cause to insufficient input validation and output cleanup across multiple ...

5.4CVSS5.3AI score0.00438EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by