CVE-2026-50592

In Znuny LTS before 6.5.21 and Znuny before 7.3.3, there is reflected XSS in AdminCommunicationLog aka the communication log administration view...

CVE-2020-5628

UNIQLO App for Android versions 7.3.3 and earlier allows remote attackers to lead a user to access an arbitrary website via the vulnerable App. As a result, if the access destination is a malicious website, the user may fall victim to the social engineering attack...

Security Bulletin: IBM QRadar SIEM is vulnerable to cross-site scripting (XSS) (CVE-2022-22345)

Summary IBM QRadar SIEM is vulnerable to cross site scripting XSS. IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-22320 DESCRIPTION: IBM QRadar is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the...

GHSA-9M93-W8W6-76HH Mongoose Prototype Pollution vulnerability

Prototype Pollution in GitHub repository automattic/mongoose prior to 7.3.3, 6.11.3, and 5.13.20...

CVE-2022-28982

A cross-site scripting XSS vulnerability in Liferay Portal v7.3.3 through v7.4.2 and Liferay DXP v7.3 before service pack 3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name of a tag...

Liferay Portal和Liferay DXP 跨站脚本漏洞

Liferay Portal and Liferay DXP are both products of Liferay Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP ...

PT-2022-17946 · Liferay · Liferay Dxp +1

Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.3.3 through 7.4.0 Liferay DXP 7.3 before service pack 3 Description: A cross-site scripting XSS issue exists in the Asset module's asset categories selector, allowing remote attackers to inject arbitrary web script o...