Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
20 results
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Morgan Kay Chamber Dashboard Business Directory allows DOM-Based XSS. This issue affects Chamber D
A stored cross-site scripting (XSS) vulnerability in Anchor CMS v0.12.7 allows attackers to inject malicious JavaScript via the page description field in the page creation interface (/admin/pages/add)
The CM Custom Reports plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'date_from' and 'date_to' parameters in all versions up to, and including, 1.2.7 due to insufficient
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's bt_bb_raw_content shortcode in all versions up to, and including, 5.4.8 due to insufficient inp
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pluginic FancyPost post-block allows DOM-Based XSS.This issue affects FancyPost: from n/a through
PublicCMS V4.0.202406.d was discovered to contain a cross-site scripting (XSS) vulnerability via a crafted script to the Category Managment feature
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ken107 SiteNarrator Text-to-Speech Widget sitespeaker-widget allows Stored XSS.This issue affects
A stored cross-site scripting (XSS) vulnerability exists in Kiamo before 8.4 due to improper output encoding of user-supplied input in administrative interfaces. An authenticated administrative user c
A stored cross-site scripting (XSS) vulnerability in Alkacon OpenCMS v17.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the image parameter under the C
Unauthenticated Cross Site Scripting (XSS) in Royal Elementor Addons Pro < 1.7.1041 versions.
A reflected cross-site scripting (XSS) vulnerability in Gladinet CentreStack v13.12.9934.54690 allows attackers to inject malicious JavaScript into the web browser of a victim via the sessionId parame
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HotelRunner B2B allows Cross-Site Scripting (XSS). This issue affects B2B: before 04.06.20
Textpattern CMS version 4.9.0 contains a second-order cross-site scripting vulnerability that allows attackers to inject malicious scripts by exploiting improper sanitization of user-supplied input in
A Reflected Cross Site Scripting (XSS) vulnerability was found in "edit-cate.php" in SourceCodester House Rental Management System v1.0.
Unauthenticated Cross Site Scripting (XSS) in SEO Redirection <= 9.17 versions.
Reflected cross-site scripting vulnerability exists in multiple versions of PowerCMS. If a product administrator accesses a crafted URL, an arbitrary script may be executed on the browser.
← Previous Page 5