Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Positive Technologies
Positive Technologiesadded 2026/03/25 12:0 a.m.1 views

PT-2026-27895

Name of the Vulnerable Software and Affected Versions Jaroti versions prior to 1.4.8 Description An issue exists in Jaroti that allows for Reflected Cross-Site Scripting XSS. This occurs due to improper handling of user-supplied input during web page generation. The vulnerability allows an attack...

7.1CVSS5.9AI score0.00045EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2025/12/30 11:15 p.m.3 views

CVE-2025-68607

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Hiroaki Miyashita Custom Field Template custom-field-template allows Stored XSS.This issue affects Custom Field Template: from n/a through = 2.7.7...

6.5CVSS5.9AI score0.00024EPSS
Exploits0References1
CVE
CVEadded 2025/04/15 11:59 a.m.44 views

CVE-2025-26982

CVE-2025-26982 corresponds to a DOM-based XSS in the DSGVO Youtube WordPress plugin (DSGVO Youtube) prior to or up to version 1.5.1. The issue arises from improper input neutralization during web page generation, enabling DOM-based Cross-Site Scripting. The vulnerability affects DSGVO Youtube 1.5...

6.5CVSS7.2AI score0.00322EPSS
Exploits0References1
GitLab Advisory Database
GitLab Advisory Databaseadded 2023/06/16 12:0 a.m.10 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' in @apollo/server...

6.9AI score
Exploits0References3Affected Software1
CNVD
CNVDadded 2021/11/24 12:0 a.m.20 views

Snipe-IT Cross-Site Scripting Vulnerability (CNVD-2022-19842)

Snipe-IT is an open source IT asset/license management system. Snipe-IT has a cross-site scripting vulnerability that stems from the product's web generation page not validating the input data, which could be exploited by an attacker to cause client-side code execution...

8CVSS2.8AI score0.00326EPSS
Exploits1References1
CNNVD
CNNVDadded 2021/11/19 12:0 a.m.1 views

Django-helpdesk跨站脚本漏洞

Django-Helpdesk is a Django application. It is used to manage internal helpdesk tickets. A cross-site scripting vulnerability exists in Django-helpdesk that stems from the product's web generation page not validating input data. An attacker can use this vulnerability to cause client-side code...

8.8CVSS7AI score0.00357EPSS
Exploits1References3
CNNVD
CNNVDadded 2021/11/19 12:0 a.m.1 views

Snipe-it 跨站脚本漏洞

Snipe-IT is an open source IT asset/license management system. Snipe-IT has a cross-site scripting vulnerability that stems from the product's web generation page not validating the input data, which could be exploited by an attacker to cause client-side code execution...

8CVSS5.5AI score0.00326EPSS
Exploits1References4
CNNVD
CNNVDadded 2021/02/08 12:0 a.m.4 views

HPE Apollo 安全漏洞

The HPE Apollo 70 system is an Arm-based platform that provides the density and scalability required for large HPC cluster deployments. A local buffer overflow vulnerability exists in the libifc.so webgeneratesslcfg function in the Baseboard Management Controller BMC firmware in HPE Apollo 70...

7.8CVSS7.3AI score0.00131EPSS
Exploits0References3
Rows per page
Query Builder