Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
The Mocca Calendar application before 2.15 for XWiki allows XSS via a title to the view event page.
WikiDocs before 1.0.65 allows stored XSS by authenticated users via data that comes after $$\\, which is mishandled by a KaTeX parser.
The Mocca Calendar application before 2.15 for XWiki allows XSS via the background or text color field.
A Cross-site-scripting (XSS) vulnerability exists in the Reporter Widgets that allows HTML injection.
Subscriber Cross Site Scripting (XSS) in Modula Image Gallery <= 2.14.23 versions.
The Mocca Calendar application before 2.15 for XWiki allows XSS via a title upon calendar import.
Gitea before 1.22.2 allows XSS because the search input box (for creating tags and branches) is v-html instead of v-text.
Inadequate content filtering within the checkAttribute methods leads to XSS vulnerabilities in various components.
Unauthenticated Cross Site Scripting (XSS) in Royal Elementor Addons Pro < 1.7.1041 versions.
Unauthenticated Cross Site Scripting (XSS) in WPZOOM Addons for Elementor <= 1.3.4 versions.
CVE-2024-41662
CRITICAL CVSS 9.6
Find Similar
VNote is a note-taking platform. A Cross-Site Scripting (XSS) vulnerability has been identified in the Markdown rendering functionality of versions 3.18.1 and prior of the VNote note-taking applicatio
Page 1+ Next →