Lucene search
K

27433 matches found

CNVD
CNVD
added 2023/05/04 12:0 a.m.7 views

CLTPHP Cross-Site Scripting Vulnerability

CLTPHP is an open source and efficient site-building PHP content management system. CLTPHP version 6.0 and previous versions of cross-site scripting vulnerability, the vulnerability stems from the file Changyan.php on the lack of effective user-supplied data filtering and escaping, an attacker ca...

6.1CVSS6.6AI score0.00395EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/05/04 12:0 a.m.8 views

CVE-2023-30094

A stored cross-site scripting XSS vulnerability in TotalJS Flow v10 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the platform name field in the settings module...

5.2AI score0.00667EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/05/04 12:0 a.m.7 views

CVE-2023-30095

A stored cross-site scripting XSS vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the channel description field...

5.3AI score0.00667EPSS
Exploits1References3
Prion
Prion
added 2023/05/02 8:15 p.m.20 views

Cross site scripting

A Stored cross-site scripting vulnerability in Jedox 2020.2.5 allows remote, authenticated users to inject arbitrary web script or HTML in the Logs page via the log module 'log'...

4.9CVSS5.1AI score0.02631EPSS
Exploits4References2Affected Software1
CVE
CVE
added 2023/05/02 12:0 a.m.49 views

CVE-2022-47877

This CVE (CVE-2022-47877) affects Jedox 2020.2.5. Description: a Stored Cross-Site Scripting vulnerability allows remote, authenticated users to inject arbitrary web script or HTML into the Logs page via the log module (log). Impact: allows client-side script execution in users’ browsers when Log...

9.6CVSS5AI score0.02631EPSS
Exploits4References2Affected Software1
Cvelist
Cvelist
added 2023/05/02 12:0 a.m.14 views

CVE-2022-47877

A Stored cross-site scripting vulnerability in Jedox 2020.2.5 allows remote, authenticated users to inject arbitrary web script or HTML in the Logs page via the log module 'log'...

5.3AI score0.02631EPSS
Exploits4References2
Github Security Blog
Github Security Blog
added 2023/05/01 6:30 p.m.16 views

editor.md vulnerable to Cross-site Scripting

Cross Site Scripting XSS vulnerability in pandao editor.md thru 1.5.0 allows attackers to inject arbitrary web script or HTML via crafted markdown text...

6.1CVSS6AI score0.00429EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2023/05/01 4:15 p.m.12 views

CVE-2023-29639

Cross site scripting XSS vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via editing an article in the "blog article" page due to the default configuration not utilizing MyBlogUtils.cleanString...

5.4CVSS5.4AI score0.00364EPSS
Exploits1References1
NVD
NVD
added 2023/05/01 4:15 p.m.12 views

CVE-2023-29636

Cross site scripting XSS vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via the "title" field in the "blog management" page due to the the default configuration not using MyBlogUtils.cleanString...

5.4CVSS5.4AI score0.00414EPSS
Exploits1References1
NVD
NVD
added 2023/05/01 4:15 p.m.36 views

CVE-2023-29641

Cross Site Scripting XSS vulnerability in pandao editor.md thru 1.5.0 allows attackers to inject arbitrary web script or HTML via crafted markdown text...

6.1CVSS5.9AI score0.00429EPSS
Exploits1References1
OSV
OSV
added 2023/05/01 4:15 p.m.10 views

CVE-2023-29641

Cross Site Scripting XSS vulnerability in pandao editor.md thru 1.5.0 allows attackers to inject arbitrary web script or HTML via crafted markdown text...

6.1CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2023/05/01 4:15 p.m.7 views

Cross site scripting

Cross site scripting XSS vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via editing an article in the "blog article" page due to the default configuration not utilizing MyBlogUtils.cleanString...

4.9CVSS5.3AI score0.00364EPSS
Exploits1References1
Prion
Prion
added 2023/05/01 4:15 p.m.11 views

Cross site scripting

Cross site scripting XSS vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via the "title" field in the "blog management" page due to the the default configuration not using MyBlogUtils.cleanString...

4.9CVSS5.3AI score0.00414EPSS
Exploits1References1
Prion
Prion
added 2023/05/01 4:15 p.m.19 views

Cross site scripting

Cross Site Scripting XSS vulnerability in pandao editor.md thru 1.5.0 allows attackers to inject arbitrary web script or HTML via crafted markdown text...

5.8CVSS5.9AI score0.00429EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/01 12:0 a.m.7 views

CVE-2023-29637

Cross Site Scripting XSS vulnerability in Qbian61 forum-java, allows attackers to inject arbitrary web script or HTML via editing the article content in the "article editor" page...

5.9AI score0.00363EPSS
Exploits1References1
CVE
CVE
added 2023/05/01 12:0 a.m.46 views

CVE-2023-29636

CVE-2023-29636 is a cross-site scripting (XSS) vulnerability in ZHENFENG13 My-Blog. The root cause is that the title field on the blog management page is not sanitized with MyBlogUtils.cleanString, enabling arbitrary script/HTML injection. Reported details are corroborated by multiple sources (NV...

5.4CVSS5.3AI score0.00414EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2023/05/01 12:0 a.m.4 views

My-Blog 跨站脚本漏洞

My-Blog is a Java blog system implemented by SpringBoot + Mybatis + Thymeleaf and other technologies, with beautiful pages, full functionality, easy deployment and perfect code. ZHENFENG13 A security vulnerability exists in My-Blog, which stems from the presence of a cross-site scripting XSS...

5.4CVSS5.6AI score0.00364EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/05/01 12:0 a.m.13 views

CVE-2023-29639

Cross site scripting XSS vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via editing an article in the "blog article" page due to the default configuration not utilizing MyBlogUtils.cleanString...

5.5AI score0.00364EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/05/01 12:0 a.m.8 views

CVE-2023-29641

Cross Site Scripting XSS vulnerability in pandao editor.md thru 1.5.0 allows attackers to inject arbitrary web script or HTML via crafted markdown text...

5.9AI score0.00429EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/05/01 12:0 a.m.41 views

CVE-2023-29641

Cross Site Scripting XSS vulnerability in pandao editor.md thru 1.5.0 allows attackers to inject arbitrary web script or HTML via crafted markdown text...

6AI score0.00429EPSS
Exploits1References1
Rows per page
Query Builder