Export limit exceeded: 357770 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (46652 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-44591 | 1 Anthologize Project | 1 Anthologize | 2024-11-21 | 4.8 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Anthologize plugin <= 0.8.0 on WordPress. | ||||
| CVE-2022-44390 | 1 Eyoucms | 1 Eyoucms | 2024-11-21 | 5.4 Medium |
| A cross-site scripting (XSS) vulnerability in EyouCMS V1.5.9-UTF8-SP1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Public Security Record Number text field. | ||||
| CVE-2022-43955 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | 8 High |
| An improper neutralization of input during web page generation [CWE-79] in the FortiWeb web interface 7.0.0 through 7.0.3, 6.3.0 through 6.3.21, 6.4 all versions, 6.2 all versions, 6.1 all versions and 6.0 all versions may allow an unauthenticated and remote attacker to perform a reflected cross site scripting attack (XSS) via injecting malicious payload in log entries used to build report. | ||||
| CVE-2022-43952 | 1 Fortinet | 1 Fortiadc | 2024-11-21 | 3.3 Low |
| An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiADC version 7.1.1 and below, version 7.0.3 and below, version 6.2.5 and below may allow an authenticated attacker to perform a cross-site scripting attack via crafted HTTP requests. | ||||
| CVE-2022-43909 | 1 Ibm | 1 Security Guardium | 2024-11-21 | 4.6 Medium |
| IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 240905. | ||||
| CVE-2022-43711 | 1 Gxsoftware | 1 Xperiencentral | 2024-11-21 | 6.1 Medium |
| Interactive Forms (IAF) in GX Software XperienCentral versions 10.29.1 until 10.33.0 was vulnerable to cross site scripting attacks (XSS) because the CSP header uses eval() in the script-src. | ||||
| CVE-2022-43688 | 1 Concretecms | 1 Concrete Cms | 2024-11-21 | 4.8 Medium |
| Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Stored Cross-Site Scripting (XSS) in icons since the Microsoft application tile color is not sanitized. Remediate by updating to Concrete CMS 9.1.3+ or 8.5.10+. | ||||
| CVE-2022-43578 | 3 Ibm, Linux, Microsoft | 4 Aix, Sterling B2b Integrator, Linux Kernel and 1 more | 2024-11-21 | 4.6 Medium |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 238683. | ||||
| CVE-2022-43463 | 1 Yikesinc | 1 Custom Product Tabs For Woocommerce | 2024-11-21 | 4.8 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Custom Product Tabs for WooCommerce plugin <= 1.7.9 on WordPress. | ||||
| CVE-2022-43363 | 1 Telegram | 1 Telegram | 2024-11-21 | 6.1 Medium |
| Telegram Web 15.3.1 allows XSS via a certain payload derived from a Target Corporation website. NOTE: some third parties have been unable to discern any relationship between the Pastebin information and a possible XSS finding. | ||||
| CVE-2022-43317 | 1 Oretnom23 | 1 Human Resource Management System | 2024-11-21 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in /hrm/index.php?msg of Human Resource Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||||
| CVE-2022-42460 | 1 Sedlex | 1 Traffic Manager | 2024-11-21 | 6.5 Medium |
| Broken Access Control vulnerability leading to Stored Cross-Site Scripting (XSS) in Traffic Manager plugin <= 1.4.5 on WordPress. | ||||
| CVE-2022-42247 | 1 Pfsense | 1 Pfsense | 2024-11-21 | 6.1 Medium |
| pfSense v2.5.2 was discovered to contain a cross-site scripting (XSS) vulnerability in the browser.php component. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a file name. | ||||
| CVE-2022-41980 | 1 Webartesanal | 1 Mantenimiento Web | 2024-11-21 | 4.8 Medium |
| Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Mantenimiento web plugin <= 0.13 on WordPress. | ||||
| CVE-2022-41788 | 1 Pencidesign | 1 Soledad | 2024-11-21 | 5.4 Medium |
| Auth. (subscriber+) Cross-Site Scripting (XSS) vulnerability in Soledad premium theme <= 8.2.5 on WordPress. | ||||
| CVE-2022-41762 | 1 Nokia | 1 Network Functions Manager For Transport | 2024-11-21 | 6.1 Medium |
| An issue was discovered in NOKIA NFM-T R19.9. Multiple Reflected XSS vulnerabilities exist in the Network Element Manager via any parameter to log.pl, the bench or pid parameter to top.pl, or the id parameter to easy1350.pl. | ||||
| CVE-2022-41643 | 1 Accessibility Project | 1 Accessibility | 2024-11-21 | 4.8 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Accessibility plugin <= 1.0.3 on WordPress. | ||||
| CVE-2022-41615 | 1 Agilelogix | 1 Store Locator | 2024-11-21 | 6.1 Medium |
| Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability in Store Locator plugin <= 1.4.5 on WordPress. | ||||
| CVE-2022-41566 | 1 Tibco | 1 Ebx Add-ons | 2024-11-21 | 8.7 High |
| The server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute stored XSS on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions 5.6.0 and below. | ||||
| CVE-2022-41565 | 1 Tibco | 2 Ebx, Product And Service Catalog Powered By Tibco Ebx | 2024-11-21 | 8.7 High |
| The Web Application component of TIBCO Software Inc.'s TIBCO EBX and TIBCO Product and Service Catalog powered by TIBCO EBX contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a stored XSS on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.9.21 and below, versions 6.0.11 and below and TIBCO Product and Service Catalog powered by TIBCO EBX: versions 1.2.0 and below. | ||||