Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
anchor vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2015-9495
The syndication-links plugin prior to 1.0.3 for WordPress has XSS via the genericons/example.html anchor identifier.
Syndication Links Project Syndication Links
5.4
CVSSv3
CVE-2022-1330
stored xss due to unsantized anchor url in GitHub repository alvarotrigo/fullpage.js before 4.0.4. stored xss .
Fullpage Project Fullpage
6.1
CVSSv3
CVE-2015-9494
The indieweb-post-kinds plugin prior to 1.3.1.1 for WordPress has XSS via the genericons/example.html anchor identifier.
Indieweb Post Kinds Project Indieweb Post Kinds
6.1
CVSSv3
CVE-2015-9500
The Exquisite Ultimate Newspaper theme 1.3.3 for WordPress has XSS via the anchor identifier to assets/js/jquery.foundation.plugins.js.
Exquisite Ultimate Newspaper Project Exquisite Ultimate Newspaper 1.3.3
5.4
CVSSv3
CVE-2021-24470
The Yada Wiki WordPress plugin prior to 3.4.1 did not sanitise, validate or escape the anchor attribute of its shortcode, leading to a Stored Cross-Site Scripting issue
Yada Wiki Project Yada Wiki
6.1
CVSSv3
CVE-2023-30792
Anchor tag hrefs in Lexical prior to v0.10.0 would render javascript: URLs, allowing for cross-site scripting on link clicks in cases where input was being parsed from untrusted sources.
Facebook Lexical
NA
CVE-2008-6283
Cross-site scripting (XSS) vulnerability in Subtext 2.0 allows remote malicious users to inject arbitrary web script or HTML via a comment, related to "the feature which converts URLs to anchor tags."
Subtextproject Subtext 2.0
NA
CVE-2008-1184
The DNSSEC validation library (libval) library in dnssec-tools prior to 1.3.1 does not properly check that the signing key is the APEX trust anchor, which might allow malicious users to conduct unspecified attacks.
Dnssec-tools Dnssec-tools
NA
CVE-2007-5443
Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple 1.1.3.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to (1) the anchor tag and (2) listtags.
Cmsmadesimple Cms Made Simple 1.1.3.1
5.9
CVSSv3
CVE-2017-12373
A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505, 5510, 5520, 5540, and 5550) devices could allow an unauthenticated, remote malicious user to access sensitive information, aka a Return of Bleichenbacher's Oracle Threat (ROBOT) att...
Cisco Adaptive Security Appliance 5505 Firmware -
Cisco Adaptive Security Appliance 5510 Firmware -
Cisco Adaptive Security Appliance 5520 Firmware -
Cisco Adaptive Security Appliance 5540 Firmware -
Cisco Adaptive Security Appliance 5550 Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »