Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
A Cross Site Scripting (XSS) vulnerability exists in TeamPasswordManager v12.162.284 and before that could allow a remote attacker to execute arbitrary JavaScript in the web browser of a user, by incl
CVE-2026-3107
CRITICAL CVSS 9.3
Find Similar
Stored Cross-Site Scripting (XSS) in Teampass versions prior to 3.1.5.16, affecting the password manager's password import functionality at the endpoint 'redacted/index.php?page=items'. The applicatio
CVE-2026-3106
CRITICAL CVSS 9.3
Find Similar
Blind Cross-Site Scripting (XSS) in Teampass, versions prior to 3.1.5.16, within the password manager login functionality in the 'contraseña' parameter of the login form 'redacted/index.php'. During f
A vulnerability in the web-based interface of Cisco Webex Teams could allow an authenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper valida
A vulnerability in the web-based management interface of Cisco UCS Manager Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user o
A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Zoo Management System v1.0. The vulnerability is located in the login page, specifically within the msg parameter. The app
A vulnerability in the web-based management interface of network access control services could allow an unauthenticated remote attacker to conduct a Reflected Cross-Site Scripting (XSS) attack. Succes
A stored Cross-site Scripting (XSS) vulnerability affecting Opportunity Management in Project Portfolio Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker
A reflected cross-site scripting (XSS) vulnerability in MCMS v6.0.1 allows attackers to execute arbitrary Javascript in the context of a user's browser via a crafted payload.
A stored cross-site scripting (XSS) vulnerability in the New Goal Creation section of Volmarg Personal Management System v1.4.65 allows authenticated attackers to execute arbitrary web scripts or HTML
A cross-site scripting (XSS) vulnerability in rrweb-snapshot before v2.0.0-alpha.18 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
A stored Cross-site Scripting (XSS) vulnerability affecting Risk Management in Project Portfolio Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to exec
A reflected Cross-Site Scripting (XSS) vulnerability was found on Temenos T24 Browser R19.40 that enables a remote attacker to execute arbitrary JavaScript code via the skin parameter in the about.jsp
A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the userName parameter at /logi
Enterprise Contract Management Portal v.22.4.0 is vulnerable to Stored Cross-Site Scripting (XSS) in its chat box component. This allows a remote attacker to execute arbitrary code. NOTE: the Supplier
A cross-site scripting (XSS) vulnerability in HelpDeskZ v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field of Custom Fields messag
A stored Cross-site Scripting (XSS) vulnerability affecting Compare in Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execu
A cross-site scripting (XSS) vulnerability in pfsense v2.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $pconfig variable at interfaces_groups_ed
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS)
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS)
Page 1+ Next →