Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

CVE-2023-31698: Stored XSS via SVG file Vulnerability on Bludit v3.14.1 · Issue #1509 · bludit/bludit

Bludit v3.14.1 is vulnerable to Stored Cross Site Scripting (XSS) via SVG file on site logo.

CVE
Open in Source
#xss#csrf#vulnerability#windows#firefox
CVE-2023-31703: CVE-2023-31703/README.md at main · sahiloj/CVE-2023-31703

Cross Site Scripting (XSS) in the edit user form in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the from parameter.

GHSA-j657-pjgc-c4h6: phpMyFAQ vulnerable to stored Cross-site Scripting

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta.

GHSA-vppq-6ff8-2m8w: phpMyFAQ vulnerable to stored Cross-site Scripting

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta.

CVE-2023-2745: WordPress 6.2.1 Maintenance & Security Release

WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the ‘wp_lang’ parameter. This allows unauthenticated attackers to access and load arbitrary translation files. In cases where an attacker is able to upload a crafted translation file onto the site, such as via an upload form, this could be also used to perform a Cross-Site Scripting attack.

CVE-2023-2752: huntr – Security Bounties for any GitHub repository

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta.

CVE-2023-2753: fix: remove HTML event attributes · thorsten/phpMyFAQ@5401ab7

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta.

CVE-2023-2509

A Cross-Site Scripting(XSS) vulnerability was found on ADM, LooksGood and SoundsGood Apps. An attacker can exploit this vulnerability to inject malicious scripts into the target applications to access any cookies or sensitive information retained by the browser and used with that application. Affected products and versions include: ADM 4.0.6.REG2, 4.1.0 and below as well as ADM 4.2.1.RGE2 and below, LooksGood 2.0.0.R129 and below and SoundsGood 2.3.0.r1027 and below.

CVE-2023-2509

A Cross-Site Scripting(XSS) vulnerability was found on ADM, LooksGood and SoundsGood Apps. An attacker can exploit this vulnerability to inject malicious scripts into the target applications to access any cookies or sensitive information retained by the browser and used with that application. Affected products and versions include: ADM 4.0.6.REG2, 4.1.0 and below as well as ADM 4.2.1.RGE2 and below, LooksGood 2.0.0.R129 and below and SoundsGood 2.3.0.r1027 and below.