Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

xss vulnerabilities and exploits

(subscribe to this query)

4.3
CVSSv2
CVE-2017-15717
A flaw in the way URLs are escaped and encoded in the org.apache.sling.xss.impl.XSSAPIImpl#getValidHref and org.apache.sling.xss.impl.XSSFilterImpl#isValidHref allows special crafted URLs to pass as valid, although they carry XSS payloads. The affected versions are Apache Sling...
Apache Sling Xss Protection ApiApache Sling Xss Protection Api 2.0.0Apache Sling Xss Protection Api Compat 1.1.0
4.3
CVSSv2
CVE-2015-0577
Multiple cross-site scripting (XSS) vulnerabilities in the IronPort Spam Quarantine (ISQ) page in Cisco AsyncOS, as used on the Cisco Email Security Appliance (ESA) and Content Security Management Appliance (SMA), allow remote attackers to inject arbitrary web script or HTML via...
Cisco Asyncos -
4.3
CVSSv2
CVE-2015-1812
Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-1813....
Jenkins JenkinsRedhat Openshift
4.3
CVSSv2
CVE-2020-28034
WordPress before 5.5.2 allows XSS associated with global variables....
Wordpress Wordpress
4.3
CVSSv2
CVE-2020-28038
WordPress before 5.5.2 allows stored XSS via post slugs....
Wordpress Wordpress
4.3
CVSSv2
CVE-2015-1813
Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-1812....
Jenkins JenkinsRedhat Openshift
4.3
CVSSv2
CVE-2015-5169
Cross-site scripting (XSS) vulnerability in Apache Struts before 2.3.20....
Apache Struts
4.3
CVSSv2
CVE-2014-0141
Cross-site scripting (XSS) vulnerability in Red Hat Satellite 6.0.3....
Redhat Satellite 6.0.3
4.3
CVSSv2
CVE-2014-8018
Multiple cross-site scripting (XSS) vulnerabilities in Business Voice Services Manager (BVSM) pages in the Application Software in Cisco Unified Communications Domain Manager 8 allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs...
Cisco Unified Communications Domain Manager 8.0
3.5
CVSSv2
CVE-2017-7538
A cross-site scripting (XSS) flaw was found in how an organization name is displayed in Satellite 5, before 5.8. A user able to change an organization's name could exploit this flaw to perform XSS attacks against other Satellite users....
Redhat Satellite
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTICVE-2021-24218CVE-2021-24086cameraCVE-2021-24198CVE-2018-13379XML external entityCVE-2021-24229CVE-2021-3465
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook