363 matches found
CVE-2023-43102
An issue was discovered in Zimbra Collaboration ZCS before 10.0.4. An XSS issue can be exploited to access the mailbox of an authenticated user. This is also fixed in 8.8.15 Patch 43 and 9.0.0 Patch 36...
CVE-2023-45279
Yamcs 5.8.6 allows XSS issue 1 of 2. It comes with a Bucket as its primary storage mechanism. Buckets allow for the upload of any file. There's a way to upload a display referencing a malicious JavaScript file to the bucket. The user can then open the uploaded display by selecting Telemetry from...
CVE-2023-31285
An XSS issue was discovered in Serenity Serene and StartSharp before 6.7.0. When users upload temporary files, some specific file endings are not allowed, but it is possible to upload .html or .htm files containing an XSS payload. The resulting link can be sent to an administrator user...
CVE-2023-40284
An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker could exploit an XSS issue...
CVE-2018-12624
An issue was discovered in Eventum 3.5.0. /htdocs/postnote.php has XSS via the garlicprefix parameter...
CVE-2017-18879
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. XSS could occur via the authorlink field of a Slack attachment...
CVE-2019-18356
An XSS issue was discovered in Thycotic Secret Server before 10.7 issue 1 of 2...
CVE-2019-20364
An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via cacheName to SystemCacheDetails.jsp...
CVE-2019-20366
An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via isTrustStore to Manage Store Contents...
CVE-2022-35655
Pega Platform from 7.3 to 8.7.3 is affected by an XSS issue due to a misconfiguration of a datapage setting...
CVE-2025-23473
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Punit Bhalodiya Killer Theme Options killer-theme-options allows Reflected XSS.This issue affects Killer Theme Options: from n/a through = 2.0...
CVE-2019-16392
SPIP before 3.1.11 and 3.2 before 3.2.5 allows prive/formulaires/login.php XSS via error messages...
CVE-2019-16914
An XSS issue was discovered in pfSense through 2.4.4-p3. In servicescaptiveportalmac.php, the username and delmac parameters are displayed without sanitization...
CVE-2019-16950
An XSS issue was discovered in Enghouse Web Chat 6.1.300.31 and 6.2.284.34. The QueueName parameter of a GET request allows for insertion of user-supplied JavaScript...
CVE-2019-12139
An XSS issue was discovered in the Admin UI in eZ Platform 2.x. This affects ezplatform-admin-ui 1.3.x before 1.3.5 and 1.4.x before 1.4.4, and ezplatform-page-builder 1.1.x before 1.1.5 and 1.2.x before 1.2.4...
EUVD-2017-2445
Malware in sbrugna...
EUVD-2017-16076
Malware in sbrugna...
EUVD-2018-10461
Malware in sbrugna...
EUVD-2019-3101
Malware in sbrugna...
EUVD-2018-7477
Malware in sbrugna...