GHSA-4M2G-668V-JWJX Cross site scripting in getkirby/starterkit

A stored cross-site scripting XSS vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field...

CVE-2022-35174

A stored cross-site scripting XSS vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field...

CVE-2022-35174

A stored cross-site scripting XSS vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field...

CVE-2021-30071

A cross-site scripting XSS vulnerability in /admin/listkey.html of HestiaCP before v1.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVE-2021-30071

A cross-site scripting XSS vulnerability in /admin/listkey.html of HestiaCP before v1.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

Cross site scripting

A cross-site scripting XSS vulnerability in /admin/listkey.html of HestiaCP before v1.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVE-2022-35133

A cross-site scripting XSS vulnerability in CherryTree v0.99.30 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field when creating a node...

Cross site scripting

A cross-site scripting XSS vulnerability in CherryTree v0.99.30 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field when creating a node...

CVE-2022-35133

A cross-site scripting XSS vulnerability in CherryTree v0.99.30 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field when creating a node...

CVE-2022-35133

CVE-2022-35133 : A cross-site scripting (XSS) vulnerability in CherryTree v0.99.30 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Name field when creating a node. Public records include multiple advisories indicating a fix in newer releases; OpenSUSE/Mageia...

CVE-2022-35133

A cross-site scripting XSS vulnerability in CherryTree v0.99.30 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field when creating a node...

CVE-2022-35117

Clinic's Patient Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via updatemedicinedetails.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Packing text box under the Update Medical...

CVE-2022-35509

An issue was discovered in EyouCMS 1.5.8. There is a Storage XSS vulnerability that can allows an attacker to execute arbitrary Web scripts or HTML by injecting a special payload via the title parameter in the foreground contribution, allowing the attacker to obtain sensitive information...

Design/Logic Flaw

An issue was discovered in EyouCMS 1.5.8. There is a Storage XSS vulnerability that can allows an attacker to execute arbitrary Web scripts or HTML by injecting a special payload via the title parameter in the foreground contribution, allowing the attacker to obtain sensitive information...

CVE-2022-35509

CVE-2022-35509 is a Storage XSS in EyouCMS 1.5.8. The issue allows an attacker to inject a payload via the title parameter in the foreground contribution, enabling execution of arbitrary web scripts/HTML and potential exposure of sensitive information. Documents do not provide exploit code, affec...

CVE-2022-34619

A stored cross-site scripting XSS vulnerability in Mealie v0.5.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Shopping Lists item names text field...

CVE-2022-34619

A stored cross-site scripting XSS vulnerability in Mealie v0.5.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Shopping Lists item names text field...

CVE-2022-34618

A stored cross-site scripting XSS vulnerability in Mealie 1.0.0beta3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the recipe description text field...

CVE-2022-34618

CVE-2022-34618 is a stored XSS in Mealie 1.0.0beta3 where a crafted payload in the recipe description text field executes scripts/HTML. Affected component: Mealie web app; root cause: input not sanitized in description field leading to stored XSS. Exploitation details in the linked Red Hat entry ...

Feehi CMS Cross-site Scripting

A stored cross-site scripting XSS vulnerability in /index.php?r=site%2Fsignup of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username field...