5210 matches found
Cross site scripting in getkirby/starterkit
A stored cross-site scripting XSS vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field...
CVE-2022-35174
A stored cross-site scripting XSS vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field...
CVE-2022-35174
A stored cross-site scripting XSS vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field...
CVE-2021-30071
A cross-site scripting XSS vulnerability in /admin/listkey.html of HestiaCP before v1.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2021-30071
A cross-site scripting XSS vulnerability in /admin/listkey.html of HestiaCP before v1.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
Cross site scripting
A cross-site scripting XSS vulnerability in /admin/listkey.html of HestiaCP before v1.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2022-35133
A cross-site scripting XSS vulnerability in CherryTree v0.99.30 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field when creating a node...
Cross site scripting
A cross-site scripting XSS vulnerability in CherryTree v0.99.30 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field when creating a node...
CVE-2022-35133
A cross-site scripting XSS vulnerability in CherryTree v0.99.30 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field when creating a node...
CVE-2022-35133
A cross-site scripting XSS vulnerability in CherryTree v0.99.30 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field when creating a node...
CVE-2022-35133
CVE-2022-35133 : A cross-site scripting (XSS) vulnerability in CherryTree v0.99.30 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Name field when creating a node. Public records include multiple advisories indicating a fix in newer releases; OpenSUSE/Mageia...
CVE-2022-35117
Clinic's Patient Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via updatemedicinedetails.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Packing text box under the Update Medical...
CVE-2022-35509
An issue was discovered in EyouCMS 1.5.8. There is a Storage XSS vulnerability that can allows an attacker to execute arbitrary Web scripts or HTML by injecting a special payload via the title parameter in the foreground contribution, allowing the attacker to obtain sensitive information...
Design/Logic Flaw
An issue was discovered in EyouCMS 1.5.8. There is a Storage XSS vulnerability that can allows an attacker to execute arbitrary Web scripts or HTML by injecting a special payload via the title parameter in the foreground contribution, allowing the attacker to obtain sensitive information...
CVE-2022-35509
CVE-2022-35509 is a Storage XSS in EyouCMS 1.5.8. The issue allows an attacker to inject a payload via the title parameter in the foreground contribution, enabling execution of arbitrary web scripts/HTML and potential exposure of sensitive information. Documents do not provide exploit code, affec...
CVE-2022-34619
A stored cross-site scripting XSS vulnerability in Mealie v0.5.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Shopping Lists item names text field...
CVE-2022-34619
A stored cross-site scripting XSS vulnerability in Mealie v0.5.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Shopping Lists item names text field...
CVE-2022-34618
CVE-2022-34618 is a stored XSS in Mealie 1.0.0beta3 where a crafted payload in the recipe description text field executes scripts/HTML. Affected component: Mealie web app; root cause: input not sanitized in description field leading to stored XSS. Exploitation details in the linked Red Hat entry ...
CVE-2022-34618
A stored cross-site scripting XSS vulnerability in Mealie 1.0.0beta3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the recipe description text field...
Feehi CMS Cross-site Scripting
A stored cross-site scripting XSS vulnerability in /index.php?r=site%2Fsignup of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username field...