Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

CVE-2022-45366: WordPress Slimstat Analytics plugin <= 5.0.4 - Reflected Cross-Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Jason Crouse, VeronaLabs Slimstat Analytics plugin <= 5.0.4 versions.

CVE
Open in Source
#xss#vulnerability#web#wordpress#auth
GHSA-qvq8-cw7f-m7m4: Apache JSPWiki vulnerable to cross-site scripting on several plugins

A carefully crafted request on several JSPWiki plugins could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.12.0 or later.

CVE-2022-46907

A carefully crafted request on several JSPWiki plugins could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.12.0 or later.

CVE-2023-33829

A stored cross-site scripting (XSS) vulnerability in Cloudogu GmbH SCM Manager v1.2 to v1.60 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description text field.

CVE-2022-42225: Multiple XSS

Jumpserver 2.10.0 <= version <= 2.26.0 contains multiple stored XSS vulnerabilities because of improper filtering of user input, which can execute any javascript under admin's permission.

CVE-2023-33789: Stored Cross Site Scripting Vulnerability in "Create Contact Groups" function in Netbox 3.5.1 · Issue #7 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Contact Groups (/tenancy/contact-groups/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

CVE-2023-33790: Stored Cross Site Scripting Vulnerability in "Create Locations" function in Netbox 3.5.1 · Issue #9 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Locations (/dcim/locations/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

CVE-2023-33787: Stored Cross Site Scripting Vulnerability in "Create Tenant Groups" function in Netbox 3.5.1 · Issue #6 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Tenant Groups (/tenancy/tenant-groups/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

CVE-2023-33786: Stored Cross Site Scripting Vulnerability in "Create Circuit Types" function in Netbox 3.5.1 · Issue #2 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Circuit Types (/circuits/circuit-types/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

CVE-2023-33785: Stored Cross Site Scripting Vulnerability in "Create Rack Roles" function in Netbox 3.5.1 · Issue #8 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Rack Roles (/dcim/rack-roles/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.