Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CVE-2024-42515
CRITICAL CVSS 9.9
Find Similar
Glossarizer through 1.5.2 improperly tries to convert text into HTML. Even though the application itself escapes special characters (e.g., <>), the underlying library converts these encoded characters
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins All Embed – Elementor Addons all-embed-addons-for-elementor allows Stored XSS.This issue
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SysBasics Shortcode For Elementor Templates allows Stored XSS.This issue affects Shortcode
ProjeQtor versions 7.0 through 12.4.3 contain a stored cross-site scripting vulnerability in the checkValidHtmlText() function within Security.php that fails to properly sanitize user input by only de
Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting (XSS) via the src property due to improper input sanitization. An attacker can execute arbitrary code by inj
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in carperfer CoverManager covermanager allows Stored XSS.This issue affects CoverManager: from n/a th
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sachin8600 Semantic Shortcode semantic-shortcode allows Stored XSS.This issue affects Semantic Sho
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lexicata Lexicata lexicata allows Reflected XSS.This issue affects Lexicata: from n/a through <= 1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Icon List Block icon-list-block allows Stored XSS.This issue affects Icon List Block: fro
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Stored XSS.T
Versions of the package github.com/yuin/goldmark/renderer/html before 1.7.17 are vulnerable to Cross-site Scripting (XSS) due to improper ordering of URL validation and normalization. The renderer val
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Stored XSS.T
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in bPlugins Html5 Audio Player allows Stored XSS.This issue affects Html5 Audio Player: from n
Sourcecodester Markdown to HTML Converter v1.0 is vulnerable to a Cross-Site Scripting (XSS) in the "Markdown Input" field, allowing a remote attacker to inject arbitrary HTML/JavaScript code that exe
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in designerken Reftagger Shortcode reftagger-shortcode allows Stored XSS.This issue affects Reftagger
Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML befor
Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML befor
Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML befor
Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML befor
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used wit
Page 1+ Next →