Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

CVE-2023-0740

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.4.

CVE
Open in Source
#xss#git
CVE-2023-0743: update img header · answerdev/answer@860b1a3

Cross-site Scripting (XSS) - Generic in GitHub repository answerdev/answer prior to 1.0.4.

CVE-2023-0742

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.4.

CVE-2023-0741

Cross-site Scripting (XSS) - DOM in GitHub repository answerdev/answer prior to 1.0.4.

GHSA-3x2c-87cq-qx49: Cross-site Scripting (XSS) in wallabag/wallabag

Cross-site Scripting (XSS) - Stored in GitHub repository wallabag/wallabag prior to 2.5.4.

CVE-2023-0731: Diff [2857078:2861473] for interactive-geo-maps/trunk – WordPress Plugin Repository

The Interactive Geo Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the action content parameter in versions up to, and including, 1.5.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with editor level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE-2023-23026: CVE-2023-23026

Cross site scripting (XSS) vulnerability in sourcecodester oretnom23 sales management system 1.0, allows attackers to execute arbitrary code via the product_name and product_price inputs in file print.php.

CVE-2023-23011: XSS in InvoicePlane

Cross Site Scripting (XSS) vulnerability in InvoicePlane 1.6 via filter_product input to file modal_product_lookups.php.

CVE-2023-0736

Cross-site Scripting (XSS) - Stored in GitHub repository wallabag/wallabag prior to 2.5.4.

CVE-2022-47419: Multiple DMS XSS (CVE-2022-47412 through CVE-20222-47419)

An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system.