Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site scripting vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-11339
An XSS issue exists in Frappe ERPNext v11.x.x-develop b1036e5 via a comment.
Frappe Erpnext 11.x.x-develop B1036e5
1 EDB exploit
NA
CVE-2011-1838
Multiple cross-site scripting (XSS) vulnerabilities in TemplateLogin.pm in TWiki prior to 5.0.2 allow remote malicious users to inject arbitrary web script or HTML via the origurl parameter to a (1) view script or (2) login script.
Twiki Twiki 4.1.1
Twiki Twiki 4.0.1
Twiki Twiki 4.2.3
Twiki Twiki 4.2.4
Twiki Twiki 4.3.0
Twiki Twiki 4.3.2
Twiki Twiki 4.0.3
Twiki Twiki 4.0.4
Twiki Twiki 4.2.1
Twiki Twiki 4.2.0
Twiki Twiki 4.0.0
Twiki Twiki 4.5.0
Twiki Twiki 4.1.0
Twiki Twiki 4.3.1
Twiki Twiki 5.0.0
Twiki Twiki 4.2.2
Twiki Twiki
Twiki Twiki 4.0.2
Twiki Twiki 4.0.5
Twiki Twiki 4.1.2
1 EDB exploit
6.1
CVSSv3
CVE-2023-36163
Cross Site Scripting vulnerability in IP-DOT BuildaGate v.BuildaGate5 allows a remote malicious user to execute arbitrary code via a crafted script to the mc parameter of the URL.
Buildagate Project Buildagate 5
1 EDB exploit
1 Github repository
5.4
CVSSv3
CVE-2020-8776
Alfresco Enterprise prior to 5.2.7 and Alfresco Community prior to 6.2.0 (rb65251d6-b368) has XSS via the URL property of a file.
Alfresco Alfresco
1 EDB exploit
5.4
CVSSv3
CVE-2020-8777
Alfresco Enterprise prior to 5.2.7 and Alfresco Community prior to 6.2.0 (rb65251d6-b368) has XSS via a user profile photo, as demonstrated by a SCRIPT element in an SVG document.
Alfresco Alfresco
1 EDB exploit
5.4
CVSSv3
CVE-2020-8778
Alfresco Enterprise prior to 5.2.7 and Alfresco Community prior to 6.2.0 (rb65251d6-b368) has XSS via an uploaded document, when the attacker has write access to a project.
Alfresco Alfresco
1 EDB exploit
4.8
CVSSv3
CVE-2018-11332
Stored cross-site scripting (XSS) vulnerability in the "Site Name" field found in the "site" tab under configurations in ClipperCMS 1.3.3 allows remote malicious users to inject arbitrary web script or HTML via a crafted site name to the manager/processors/sav...
Clippercms Clippercms 1.3.3
1 EDB exploit
5.4
CVSSv3
CVE-2018-11403
DomainMod v4.09.03 has XSS via the assets/edit/account-owner.php oid parameter.
Domainmod Domainmod 4.09.03
1 EDB exploit
6.1
CVSSv3
CVE-2017-3132
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and previous versions allows malicious users to Execute unauthorized code or commands via the action input during the activation of a FortiToken.
Fortinet Fortios
1 EDB exploit
6.1
CVSSv3
CVE-2017-3133
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and previous versions allows malicious users to execute unauthorized code or commands via the Replacement Message HTML for SSL-VPN.
Fortinet Fortios
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »