Lucene search
K

27433 matches found

Debian CVE
Debian CVE
added 2023/04/25 6:33 p.m.17 views

CVE-2021-26263

Cross-site scripting XSS issue in Discuss app of Odoo Community 14.0 through 15.0, and Odoo Enterprise 14.0 through 15.0, allows remote attackers to inject arbitrary web script in the browser of a victim, by posting crafted contents...

7.5CVSS6.6AI score0.00557EPSS
Exploits0
Cvelist
Cvelist
added 2023/04/25 6:33 p.m.16 views

CVE-2021-44775

Cross-site scripting XSS issue in Website app of Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim, by posting crafted contents...

6.5CVSS6.4AI score0.0055EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/04/25 6:33 p.m.12 views

CVE-2021-44775

Cross-site scripting XSS issue in Website app of Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim, by posting crafted contents...

6.5CVSS6AI score0.0055EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2023/04/25 6:33 p.m.20 views

CVE-2021-44775

Cross-site scripting XSS issue in Website app of Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim, by posting crafted contents...

6.5CVSS6.3AI score0.0055EPSS
Exploits0
CVE
CVE
added 2023/04/25 6:33 p.m.44 views

CVE-2021-44461

CVE-2021-44461 affects Odoo Enterprise 13.0–15.0, specifically the Accounting app’s handling of accounting journal entries. The vulnerability is a cross-site scripting (XSS) flaw that allows remote attackers who can control journal entry contents to inject arbitrary web script into a victim’s bro...

6.5CVSS6AI score0.00487EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2023/04/25 6:29 p.m.20 views

CVE-2021-45071

Cross-site scripting XSS issue Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim, via crafted uploaded file names...

6.1CVSS5.5AI score0.00657EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2023/04/25 6:29 p.m.17 views

CVE-2021-45071

Cross-site scripting XSS issue Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim, via crafted uploaded file names...

5.3CVSS6.1AI score0.00657EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/04/25 6:29 p.m.23 views

CVE-2021-45071

Cross-site scripting XSS issue Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim, via crafted uploaded file names...

5.3CVSS6.4AI score0.00657EPSS
Exploits0References2
OSV
OSV
added 2023/04/25 1:15 p.m.25 views

CVE-2023-26843

A stored Cross-site scripting XSS vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the NoteEditor.php...

5.4CVSS5.8AI score0.0142EPSS
Exploits1References2
NVD
NVD
added 2023/04/25 1:15 p.m.21 views

CVE-2023-25346

A reflected cross-site scripting XSS vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter of /churchcrm/v2/family/not-found...

6.1CVSS6AI score0.01524EPSS
Exploits1References2
OSV
OSV
added 2023/04/25 1:15 p.m.24 views

CVE-2023-25347

A stored cross-site scripting XSS vulnerability in ChurchCRM 4.5.3, allows remote attackers to inject arbitrary web script or HTML via input fields. These input fields are located in the "Title" Input Field in EventEditor.php...

5.4CVSS5.6AI score0.00622EPSS
Exploits1References2
OSV
OSV
added 2023/04/25 1:15 p.m.13 views

CVE-2023-25346

A reflected cross-site scripting XSS vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter of /churchcrm/v2/family/not-found...

6.1CVSS5.8AI score0.01524EPSS
Exploits1References2
Prion
Prion
added 2023/04/25 1:15 p.m.75 views

Cross site scripting

A reflected cross-site scripting XSS vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter of /churchcrm/v2/family/not-found...

5.8CVSS5.9AI score0.01524EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2023/04/25 1:15 p.m.15 views

Cross site scripting

A stored Cross-site scripting XSS vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the NoteEditor.php...

4.9CVSS5.3AI score0.0142EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/04/25 12:0 a.m.6 views

CVE-2023-25346

A reflected cross-site scripting XSS vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter of /churchcrm/v2/family/not-found...

6AI score0.01524EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/04/25 12:0 a.m.24 views

CVE-2023-25346

A reflected cross-site scripting XSS vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter of /churchcrm/v2/family/not-found...

6.1AI score0.01524EPSS
Exploits1References2
EUVD
EUVD
added 2023/04/25 12:0 a.m.4 views

EUVD-2023-29304

A reflected cross-site scripting XSS vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter of /churchcrm/v2/family/not-found...

6.1CVSS5.9AI score0.01524EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/04/25 12:0 a.m.22 views

CVE-2023-26843

A stored Cross-site scripting XSS vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the NoteEditor.php...

5.5AI score0.0142EPSS
Exploits1References2
CVE
CVE
added 2023/04/25 12:0 a.m.51 views

CVE-2023-25347

CVE-2023-25347 describes a stored cross-site scripting (XSS) vulnerability affecting ChurchCRM 4.5.3. The issue arises from input fields in the EventEditor.php code, specifically the Title input field, allowing remote attackers to inject arbitrary web script or HTML. The NVD/Red Hat and related e...

5.4CVSS5.2AI score0.00622EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2023/04/24 9:30 a.m.18 views

GHSA-3862-C622-V4FP Cross-site Scripting in Backdrop CMS

A stored Cross-site scripting XSS issue in Text Editors and Formats in Backdrop CMS before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via the name parameter. When a user is editing any content type e.g., page, post, or card as an admin, the stored XSS payload is execute...

4.8CVSS4.8AI score0.00536EPSS
Exploits1References4
Rows per page
Query Builder