Lucene search
K

27433 matches found

Github Security Blog
Github Security Blog
added 2022/05/02 3:12 a.m.28 views

Apache Jackrabbit contains Cross-site Scripting

Multiple cross-site scripting XSS vulnerabilities in Apache Jackrabbit before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the q parameter to 1 search.jsp or 2 swr.jsp...

4.3CVSS4.3AI score0.21633EPSS
Exploits2References10Affected Software1
OSV
OSV
added 2022/05/02 3:12 a.m.17 views

GHSA-6FXV-38XC-H866 Apache Jackrabbit contains Cross-site Scripting

Multiple cross-site scripting XSS vulnerabilities in Apache Jackrabbit before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the q parameter to 1 search.jsp or 2 swr.jsp...

4.3CVSS5.5AI score0.21633EPSS
Exploits2References9
NVD
NVD
added 2022/05/02 12:15 a.m.9 views

CVE-2021-31673

A Dom-based Cross-site scripting XSS vulnerability at registration account in Cyclos 4 PRO.14.7 and before allows remote attackers to inject arbitrary web script or HTML via the groupId parameter...

6.1CVSS0.03424EPSS
Exploits4References3
Prion
Prion
added 2022/05/02 12:15 a.m.13 views

Cross site scripting

A Dom-based Cross-site scripting XSS vulnerability at registration account in Cyclos 4 PRO.14.7 and before allows remote attackers to inject arbitrary web script or HTML via the groupId parameter...

4.3CVSS6AI score0.03424EPSS
Exploits4References3Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/02 12:11 a.m.20 views

Plone Cross-site Scripting vulnerability in the LiveSearch module

Cross-site scripting XSS vulnerability in the LiveSearch module in Plone before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the Description field for search results, as demonstrated using the onerror Javascript even in an IMG tag...

4.3CVSS6.1AI score0.01144EPSS
Exploits1References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/05/02 12:0 a.m.17 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site scripting XSS vulnerability in the Apache Solr Search solr extension 1.0.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01997EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/01 11:59 p.m.19 views

MoinMoin Multiple cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in macro/AdvancedSearch.py in moin and MoinMoin 1.6.3 and 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.0209EPSS
Exploits1References14Affected Software1
OSV
OSV
added 2022/05/01 11:59 p.m.5 views

GHSA-X6JF-C7WH-7M7W Trac Cross-site Scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in the wiki engine in Trac before 0.10.5 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

6.1CVSS5.4AI score0.01335EPSS
Exploits1References9
Github Security Blog
Github Security Blog
added 2022/05/01 11:59 p.m.36 views

Trac Cross-site Scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in the wiki engine in Trac before 0.10.5 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

4.3CVSS5.6AI score0.01335EPSS
Exploits1References10Affected Software1
OSV
OSV
added 2022/05/01 11:57 p.m.30 views

GHSA-6CJ8-C359-P7Q9 Drupal vulnerable to Cross-site Scripting

Multiple cross-site scripting XSS vulnerabilities in Drupal 6.x before 6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 free tagging taxonomy terms, which are not properly handled on node preview pages, and 2 unspecified OpenID values...

4.3CVSS5.4AI score0.02467EPSS
Exploits0References11
OSV
OSV
added 2022/05/01 11:55 p.m.4 views

GHSA-PM5M-9H5R-XCRG phpMyAdmin extension for TYPO3 has Cross-site Scripting vulnerability

Cross-site scripting XSS vulnerability in the phpMyAdmin phpmyadmin extension 3.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.3CVSS5.8AI score0.01033EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/05/01 11:55 p.m.8 views

phpMyAdmin extension for TYPO3 has Cross-site Scripting vulnerability

Cross-site scripting XSS vulnerability in the phpMyAdmin phpmyadmin extension 3.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.8AI score0.01033EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/05/01 11:48 p.m.18 views

GHSA-54QJ-48VX-CR9F Django Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in the login form in the administration application in Django 0.91 before 0.91.2, 0.95 before 0.95.3, and 0.96 before 0.96.2 allows remote attackers to inject arbitrary web script or HTML via the URI of a certain previous request...

6.1CVSS5.2AI score0.01312EPSS
Exploits0References12
OSV
OSV
added 2022/05/01 11:45 p.m.19 views

GHSA-F98P-9PP6-7Q6C Apache Tomcat Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter aka the hostname attribute to host-manager/html/add...

5.3CVSS6.5AI score0.09776EPSS
Exploits2References46
Github Security Blog
Github Security Blog
added 2022/05/01 11:45 p.m.30 views

Apache Tomcat Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter aka the hostname attribute to host-manager/html/add...

4.3CVSS5.7AI score0.09776EPSS
Exploits2References46Affected Software2
Github Security Blog
Github Security Blog
added 2022/05/01 11:43 p.m.5 views

Alkacon OpenCMS XSS via searchfilter parameter in system/workplace/admin/workplace/sessions.jsp

Cross-site scripting XSS vulnerability in system/workplace/admin/workplace/sessions.jsp in Alkacon OpenCMS 7.0.3 allows remote attackers to inject arbitrary web script or HTML via the searchfilter parameter, a different vector than CVE-2008-1510...

4.3CVSS5.4AI score0.01107EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2022/05/01 11:43 p.m.3 views

GHSA-4R3G-W24C-GPR6 Alkacon OpenCMS XSS via searchfilter parameter in system/workplace/admin/workplace/sessions.jsp

Cross-site scripting XSS vulnerability in system/workplace/admin/workplace/sessions.jsp in Alkacon OpenCMS 7.0.3 allows remote attackers to inject arbitrary web script or HTML via the searchfilter parameter, a different vector than CVE-2008-1510...

5.3CVSS6AI score0.01107EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2022/05/01 11:38 p.m.56 views

Cross-site scripting (XSS) vulnerability in Sun Java Server Faces (JSF)

Cross-site scripting XSS vulnerability in Sun Java Server Faces JSF 1.2 before 1.208 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

4.3CVSS4.2AI score0.02537EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2022/05/01 11:37 p.m.24 views

GHSA-Q74X-QQHR-F8RX Apache Tomcat Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the message argument to the HttpServletResponse.sendError method...

4.3CVSS6.5AI score0.75865EPSS
Exploits2References81
OSV
OSV
added 2022/05/01 11:36 p.m.7 views

GHSA-8FJ9-PJ4P-4VQ7 MoinMoin Multiple cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in MoinMoin 1.5.8 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 certain input processed by formatter/textgedit.py aka the gui editor formatter; 2 a page name, which triggers an injection in PageEditor.py when the...

4.3CVSS5.3AI score0.01803EPSS
Exploits1References15
Rows per page
Query Builder