Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

GHSA-7vff-rv2f-cj79: Subrion CMS Cross-site Scripting vulnerability

A Cross-site scripting (XSS) vulnerability in Reference ID from the panel Transactions, of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into 'Reference ID' parameter.

ghsa
Open in Source
#xss#vulnerability#web#git
GHSA-2g8p-j2r6-vqpj: October Cross-site Scripting vulnerability

A Cross-Site Scripting (XSS) vulnerability in installation of October v.3.4.16 allows an attacker to execute arbitrary web scripts via a crafted payload injected into the dbhost field.

CVE-2023-43879: GitHub - sromanhu/RiteCMS-Stored-XSS---GlobalContent: About RiteCMS 3.0 is affected by a Multiple Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted

Rite CMS 3.0 has a Cross-Site scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload into the Global Content Blocks in the Administration Menu.

CVE-2023-43878: RiteCMS-Stored-XSS---MainMenu/README.md at main · sromanhu/RiteCMS-Stored-XSS---MainMenu

Rite CMS 3.0 has Multiple Cross-Site scripting (XSS) vulnerabilities that allow attackers to execute arbitrary code via a crafted payload into the Main Menu Items in the Administration Menu.

CVE-2023-43884: GitHub - dpuenteramirez/XSS-ReferenceID-Subrion_4.2.1

A Cross-site scripting (XSS) vulnerability in Reference ID from the panel Transactions, of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into 'Reference ID' parameter.

CVE-2023-43876: October-CMS-Reflected-XSS---Installation/README.md at main · sromanhu/October-CMS-Reflected-XSS---Installation

A Cross-Site Scripting (XSS) vulnerability in installation of October v.3.4.16 allows an attacker to execute arbitrary web scripts via a crafted payload injected into the dbhost field.

CVE-2023-43874: e107-CMS-Stored-XSS---MetaCustomTags/README.md at main · sromanhu/e107-CMS-Stored-XSS---MetaCustomTags

Multiple Cross Site Scripting (XSS) vulnerability in e017 CMS v.2.3.2 allows a local attacker to execute arbitrary code via a crafted script to the Copyright and Author fields in the Meta & Custom Tags Menu.

CVE-2023-43873: e107-CMS-Stored-XSS---Manage/README.md at main · sromanhu/e107-CMS-Stored-XSS---Manage

A Cross Site Scripting (XSS) vulnerability in e017 CMS v.2.3.2 allows a local attacker to execute arbitrary code via a crafted script to the Name filed in the Manage Menu.

CVE-2023-43871: WBCE-Arbitrary-File-Upload--XSS---Media/README.md at main · sromanhu/WBCE-Arbitrary-File-Upload--XSS---Media

A File upload vulnerability in WBCE v.1.6.1 allows a local attacker to upload a pdf file with hidden Cross Site Scripting (XSS).