CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An issue was discovered in Oxygen XML WebHelp before 22.1 build 2021082006 and 23.x before 23.1 build 2021090310. An XSS vulnerability in search terms proposals in online documentation generated using Oxygen XML WebHelp allows attackers to execute JavaScript by convincing a user to type specific...

6.1CVSS6.3AI score0.00669EPSS

Exploits0

RedhatCVE•added 2025/05/22 12:25 a.m.•6 views

CVE-2010-2885

Cross-site scripting XSS vulnerability in Adobe RoboHelp 7 and 8, and RoboHelp Server 7 and 8, allows remote attackers to inject arbitrary web script or HTML via vectors related to WebHelp generation with RoboHelp for Word...

4.3CVSS5.9AI score0.00621EPSS

Exploits0References1

Openbugbounty•added 2023/06/11 7:31 p.m.•20 views

webhelp.acquitysoftware.com Cross Site Scripting vulnerability OBB-3414512

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score

Exploits0

Positive Technologies•added 2023/01/14 12:0 a.m.•2 views

PT-2023-18729 · Tiki · Tiki

Name of the Vulnerable Software and Affected Versions: Tiki versions prior to 24.1 Description: The issue allows PHP Object Injection in lib/structures/structlib.php due to an eval when the feature create webhelp is enabled. Recommendations: For versions prior to 24.1, update to version 24.1 or...

8.8CVSS8.7AI score0.0111EPSS

Exploits2References5

OSV•added 2022/07/13 5:15 a.m.•0 views

CVE-2021-46827

6.1CVSS5.9AI score0.00669EPSS

Exploits0References1

NVD•added 2022/07/13 5:15 a.m.•15 views

CVE-2021-46827

6.1CVSS0.00669EPSS

Exploits0References1

Prion•added 2022/07/13 5:15 a.m.•11 views

Cross site scripting

5.8CVSS6.1AI score0.00669EPSS

Exploits0References1Affected Software5

Cvelist•added 2022/07/13 4:55 a.m.•13 views

CVE-2021-46827

6.3AI score0.00669EPSS

Exploits0References1

CVE•added 2022/07/13 4:55 a.m.•82 views

CVE-2021-46827

CVE-2021-46827 affects Oxygen XML WebHelp prior to 22.1 build 2021082006 and 23.x prior to 23.1 build 2021090310. The issue is an XSS in the search terms proposals feature of online documentation generated by WebHelp, enabling JavaScript execution when a user types crafted text into the WebHelp o...

6.1CVSS6.1AI score0.00669EPSS

Exploits0References1Affected Software5

CNNVD•added 2022/07/13 12:0 a.m.•2 views

Syncro Soft Oxygen XML WebHelp 跨站脚本漏洞

Syncro Soft Oxygen XML WebHelp is used by Syncro Soft Romania to convert DITA and DocBook resources to WebHelp output. A security vulnerability exists in Syncro Soft Oxygen XML WebHelp versions prior to 22.1 build 2021082006, 23.x prior to 23.1 build 2021090310, which stems from an XSS...

6.1CVSS6.3AI score0.00669EPSS

Exploits0References3