CVE-2025-63072

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in THEMECO Cornerstone cornerstone allows Stored XSS.This issue affects Cornerstone: from n/a through = 7.7.3...

CVE-2025-63072 WordPress Cornerstone plugin <= 7.7.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in THEMECO Cornerstone cornerstone allows Stored XSS.This issue affects Cornerstone: from n/a through = 7.7.3...

CVE-2025-63072

The CVE describes a stored XSS in the WordPress Cornerstone plugin (THEMECO Cornerstone) affecting versions up to and including 7.7.3. The vulnerability arises from improper input neutralization during web page generation, enabling stored cross-site scripting. Affected component: Cornerstone Word...

CVE-2025-63072 WordPress Cornerstone plugin <= 7.7.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in THEMECO Cornerstone cornerstone allows Stored XSS.This issue affects Cornerstone: from n/a through = 7.7.3...

GHSA-H2VQ-7GF2-QW9V Umbraco CMS XXE Vulnerability

XML external entity XXE vulnerability in Umbraco CMS before 7.7.3 allows attackers to obtain sensitive information by reading files on the server or sending TCP requests to intranet hosts aka SSRF, related to Umbraco.Web/umbraco.presentation/umbraco/dialogs/importDocumenttype.aspx.cs...

Incorrect Authorization in Apache Solr

Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 prevents some features considered dangerous which could be used for remote code execution to be configured in a ConfigSet that's uploaded via API without authentication/authorization. The checks in place to prevent such featur...

LogicalDOC Enterprise 7.7.4 - Directory Traversal Vulnerability

Exploit for java platform in category web applications LogicalDOC Enterprise 7.7.4 Multiple Directory Traversal Vulnerabilities Vendor: LogicalDOC Srl Product web page: https://www.logicaldoc.com Affected version: 7.7.4 7.7.3 7.7.2 7.7.1 7.6.4 7.6.2 7.5.1 7.4.2 7.1.1 Summary: LogicalDOC is a free...

Websense Content Gateway XSS vulnerabilities

Overview Websense Content Gateway contains XSS vulnerabilities. Description Websense Content Gateway contains the following post-authentication reflective XSS vulnerabilities within the menu and item parameter values in the /monitor/moverview.ink webpage. The reflective XSS reported allows for...