Lucene search
K

27433 matches found

Github Security Blog
Github Security Blog
added 2022/05/05 12:29 a.m.20 views

Plone Zope cross-site scripting (XSS) vulnerability

Multiple cross-site scripting XSS vulnerabilities in Zope, as used in Plone 3.3.x through 3.3.6, 4.0.x through 4.0.9, 4.1.x through 4.1.6, 4.2.x through 4.2.7, and 4.3 through 4.3.2, allow remote attackers to inject arbitrary web script or HTML via unspecified input in the 1 browseridmanager or 2...

6.1CVSS6AI score0.01395EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2022/05/05 12:29 a.m.23 views

GHSA-4793-W44W-M7XM Plone Zope cross-site scripting (XSS) vulnerability

Multiple cross-site scripting XSS vulnerabilities in Zope, as used in Plone 3.3.x through 3.3.6, 4.0.x through 4.0.9, 4.1.x through 4.1.6, 4.2.x through 4.2.7, and 4.3 through 4.3.2, allow remote attackers to inject arbitrary web script or HTML via unspecified input in the 1 browseridmanager or 2...

6.1CVSS6AI score0.01395EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2022/05/04 12:29 a.m.10 views

Jenkins allows Cross-Site Scripting (XSS)

Cross-site scripting XSS vulnerability in Jenkins before 1.454, Jenkins LTS before 1.424.5, and Jenkins Enterprise 1.400.x before 1.400.0.13 and 1.424.x before 1.424.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than...

4.3CVSS5.5AI score0.01137EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2022/05/03 3:25 a.m.32 views

GHSA-3P86-XGRQ-M6P6 Improper Neutralization of Input During Web Page Generation in Apache Tomcat

Multiple cross-site scripting XSS vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag...

4.3CVSS5.5AI score0.10228EPSS
Exploits2References37
Github Security Blog
Github Security Blog
added 2022/05/02 6:15 a.m.21 views

MoinMoin Cross-site Scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in action/Despam.py in the Despam action module in MoinMoin 1.8.7 and 1.9.2 allows remote authenticated users to inject arbitrary web script or HTML by creating a page with a crafted URI...

3.5CVSS5.2AI score0.02243EPSS
Exploits1References22Affected Software1
OSV
OSV
added 2022/05/02 6:15 a.m.7 views

GHSA-FC72-V54C-X9JG MoinMoin Cross-site Scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in action/Despam.py in the Despam action module in MoinMoin 1.8.7 and 1.9.2 allows remote authenticated users to inject arbitrary web script or HTML by creating a page with a crafted URI...

5.4CVSS5AI score0.02243EPSS
Exploits1References22
Github Security Blog
Github Security Blog
added 2022/05/02 4:0 a.m.26 views

feedparser Cross-site Scripting vulnerability

Cross-site scripting XSS vulnerability in feedparser.py in Universal Feed Parser aka feedparser or python-feedparser before 5.0 allows remote attackers to inject arbitrary web script or HTML via vectors involving nested CDATA stanzas...

4.3CVSS5.2AI score0.0453EPSS
Exploits1References10Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/02 3:47 a.m.25 views

phpMyAdmin Cross-site Scripting In MySQL Table Name

Cross-site scripting XSS vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table...

4.3CVSS5.6AI score0.02571EPSS
Exploits1References21Affected Software1
OSV
OSV
added 2022/05/02 3:47 a.m.151 views

GHSA-C73W-4RCJ-2622 Typo3 API Install Tool vulnerable to Cross-site Scripting

Cross-site scripting XSS vulnerability in the Install Tool subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...

4.3CVSS5.3AI score0.01962EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2022/05/02 3:47 a.m.24 views

TYPO3 API function vulnerable to Cross-site Scripting

Cross-site scripting XSS vulnerability in the t3libdiv::quoteJSvalue API function in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the sanitizing...

4.3CVSS5.7AI score0.0095EPSS
Exploits0References10Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/02 3:47 a.m.25 views

Typo3 API Install Tool vulnerable to Cross-site Scripting

Cross-site scripting XSS vulnerability in the Install Tool subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...

4.3CVSS5.7AI score0.01962EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/02 3:40 a.m.18 views

Buildbot vulnerable to cross-site scripting

Multiple cross-site scripting XSS vulnerabilities in Buildbot 0.7.6 through 0.7.11p2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, different vulnerabilities than CVE-2009-2959...

4.3CVSS5.4AI score0.02265EPSS
Exploits0References13Affected Software1
OSV
OSV
added 2022/05/02 3:40 a.m.12 views

GHSA-MJ3X-WPRP-MVJ9 Buildbot vulnerable to cross-site scripting

Multiple cross-site scripting XSS vulnerabilities in Buildbot 0.7.6 through 0.7.11p2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, different vulnerabilities than CVE-2009-2959...

6.1CVSS5.4AI score0.02265EPSS
Exploits0References13
OSV
OSV
added 2022/05/02 3:40 a.m.18 views

GHSA-JQQH-999X-W26W Buildbot Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in the waterfall web status view status/web/waterfall.py in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.2AI score0.02008EPSS
Exploits0References12
Github Security Blog
Github Security Blog
added 2022/05/02 3:40 a.m.22 views

Buildbot Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in the waterfall web status view status/web/waterfall.py in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.6AI score0.02008EPSS
Exploits0References12Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/02 3:18 a.m.33 views

Cross-site scripting in Apache Tomcat

Cross-site scripting XSS vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, relat...

4.3CVSS4AI score0.09125EPSS
Exploits1References37Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/02 3:14 a.m.21 views

MoinMoin Cross-site scripting (XSS) vulnerability in the antispam feature

Cross-site scripting XSS vulnerability in the antispam feature security/antispam.py in MoinMoin 1.7 and 1.8.1 allows remote attackers to inject arbitrary web script or HTML via crafted, disallowed content...

4.3CVSS6AI score0.02346EPSS
Exploits0References13Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/02 3:13 a.m.20 views

MoinMoin Multiple cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in action/AttachFile.py in MoinMoin before 1.8.1 allow remote attackers to inject arbitrary web script or HTML via an AttachFile action to the WikiSandBox component with 1 the rename parameter or 2 the drawing parameter aka the basename variable...

4.3CVSS6.1AI score0.05435EPSS
Exploits1References14Affected Software1
OSV
OSV
added 2022/05/02 3:13 a.m.7 views

GHSA-7HJM-HQGJ-XV9F MoinMoin Multiple cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in action/AttachFile.py in MoinMoin before 1.8.1 allow remote attackers to inject arbitrary web script or HTML via an AttachFile action to the WikiSandBox component with 1 the rename parameter or 2 the drawing parameter aka the basename variable...

4.3CVSS5.5AI score0.05435EPSS
Exploits1References13
OSV
OSV
added 2022/05/02 3:12 a.m.26 views

GHSA-C372-X57P-6X7V Apache Geronimo Application Server multiple cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to inject arbitrary web script or HTML via the 1 name, 2 ip, 3 username, or 4 description parameter to console/portal/Server/Monitorin...

4.3CVSS6.8AI score0.18003EPSS
Exploits2References8
Rows per page
Query Builder