Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

CVE-2022-45366: WordPress Slimstat Analytics plugin <= 5.0.4 - Reflected Cross-Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Jason Crouse, VeronaLabs Slimstat Analytics plugin <= 5.0.4 versions.

CVE
Open in Source
#xss#vulnerability#web#wordpress#auth
GHSA-qvq8-cw7f-m7m4: Apache JSPWiki vulnerable to cross-site scripting on several plugins

A carefully crafted request on several JSPWiki plugins could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.12.0 or later.

CVE-2022-46907

A carefully crafted request on several JSPWiki plugins could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.12.0 or later.

CVE-2023-33829

A stored cross-site scripting (XSS) vulnerability in Cloudogu GmbH SCM Manager v1.2 to v1.60 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description text field.

CVE-2023-33795: Stored Cross Site Scripting Vulnerability in "Create Contact Roles" function in Netbox 3.5.1 · Issue #15 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Contact Roles (/tenancy/contact-roles/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

CVE-2023-33799: Stored Cross Site Scripting Vulnerability in "Create Contacts" function in Netbox 3.5.1 · Issue #14 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Contacts (/tenancy/contacts/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

CVE-2023-33800: Stored Cross Site Scripting Vulnerability in "Create Regions" function in Netbox 3.5.1 · Issue #11 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Regions (/dcim/regions/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

CVE-2023-33798: Stored Cross Site Scripting Vulnerability in "Create Rack" function in Netbox 3.5.1 · Issue #13 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Rack (/dcim/rack/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

CVE-2023-33797: Stored Cross Site Scripting Vulnerability in "Create Sites" function in Netbox 3.5.1 · Issue #12 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Sites (/dcim/sites/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

CVE-2023-33791: Stored Cross Site Scripting Vulnerability in "Create Provider Accounts" function in Netbox 3.5.1 · Issue #4 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Provider Accounts (/circuits/provider-accounts/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.