Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
cross-site scripting vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2012-0007
The Microsoft Anti-Cross Site Scripting (AntiXSS) Library 3.x and 4.0 does not properly evaluate characters after the detection of a Cascading Style Sheets (CSS) escaped character, which allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML input, aka...
Microsoft Anti-cross Site Scripting Library 3.1
Microsoft Anti-cross Site Scripting Library 4.0
1 EDB exploit available
4.3
CVSSv2
CVE-2014-2856
Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function....
Apple Cups 1.1
Apple Cups 1.1.1
Apple Cups 1.1.2
Apple Cups 1.1.3
Apple Cups 1.1.4
Apple Cups 1.1.5
Apple Cups 1.1.5-1
Apple Cups 1.1.5-2
Apple Cups 1.1.6
Apple Cups 1.1.6-1
Apple Cups 1.1.6-2
Apple Cups 1.1.6-3
Apple Cups 1.1.7
Apple Cups 1.1.8
Apple Cups 1.1.9
Apple Cups 1.1.9-1
Apple Cups 1.1.10
Apple Cups 1.1.10-1
Apple Cups 1.1.11
Apple Cups 1.1.12
Apple Cups 1.1.13
Apple Cups 1.1.14
Apple Cups 1.1.15
Apple Cups 1.1.16
Apple Cups 1.1.17
Apple Cups 1.1.18
Apple Cups 1.1.19
Apple Cups 1.1.20
Apple Cups 1.1.21
Apple Cups 1.1.22
Apple Cups 1.1.23
Apple Cups 1.2
Apple Cups 1.2.0
Apple Cups 1.2.1
Apple Cups 1.2.2
Apple Cups 1.2.3
Apple Cups 1.2.4
Apple Cups 1.2.5
Apple Cups 1.2.6
Apple Cups 1.2.7
Apple Cups 1.2.8
Apple Cups 1.2.9
Apple Cups 1.2.10
Apple Cups 1.2.11
Apple Cups 1.2.12
Apple Cups 1.3
Apple Cups 1.3.0
Apple Cups 1.3.1
Apple Cups 1.3.2
Apple Cups 1.3.3
Apple Cups 1.3.4
Apple Cups 1.3.5
Apple Cups 1.3.6
Apple Cups 1.3.7
Apple Cups 1.3.8
Apple Cups 1.3.9
Apple Cups 1.3.10
Apple Cups 1.3.11
Apple Cups 1.4
Apple Cups 1.4.0
Apple Cups 1.4.1
Apple Cups 1.4.2
Apple Cups 1.4.3
Apple Cups 1.4.4
Apple Cups 1.4.5
Apple Cups 1.4.6
Apple Cups 1.4.7
Apple Cups 1.4.8
Apple Cups 1.5
Apple Cups 1.5.0
Apple Cups 1.5.1
Apple Cups 1.5.2
Apple Cups 1.5.3
Apple Cups 1.5.4
Apple Cups 1.6
Apple Cups 1.6.1
Apple Cups 1.6.2
Apple Cups 1.6.3
Apple Cups 1.6.4
Apple Cups 1.7
Apple Cups 1.7.0
Apple Cups
Apple Cups 1.7.1
4.3
CVSSv2
CVE-2015-5169
Cross-site scripting (XSS) vulnerability in Apache Struts before 2.3.20....
Apache Struts
4.3
CVSSv2
CVE-2014-0141
Cross-site scripting (XSS) vulnerability in Red Hat Satellite 6.0.3....
Redhat Satellite 6.0.3
2 Github repositories available
4.3
CVSSv2
CVE-2014-3653
Cross-site scripting (XSS) vulnerability in the template preview function in Foreman before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted provisioning template....
Theforeman Foreman
4.3
CVSSv2
CVE-2017-1000188
nodejs ejs version older than 2.5.5 is vulnerable to a Cross-site-scripting in the ejs.renderFile() resulting in code injection...
Ejs Ejs
1 Github repository available
3.5
CVSSv2
CVE-2021-26925
Roundcube before 1.4.11 allows XSS via crafted Cascading Style Sheets (CSS) token sequences during HTML email rendering....
Roundcube Roundcube
Fedoraproject Fedora 32
Fedoraproject Fedora 33
4.3
CVSSv2
CVE-2016-10245
Insufficient sanitization of the query parameter in templates/html/search_opensearch.php could lead to reflected cross-site scripting or iframe injection....
Doxygen Doxygen
4.3
CVSSv2
CVE-2020-3867
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to...
Apple Icloud
Apple Itunes
Apple Safari
Apple Ipados
Apple Iphone Os
Apple Tvos
Opensuse Leap 15.1
4.3
CVSSv2
CVE-2016-10366
Kibana versions after and including 4.3 and before 4.6.2 are vulnerable to a cross-site scripting (XSS) attack....
Elastic Kibana 4.3.0
Elastic Kibana 4.3.1
Elastic Kibana 4.3.2
Elastic Kibana 4.3.3
Elastic Kibana 4.4.0
Elastic Kibana 4.4.1
Elastic Kibana 4.4.2
Elastic Kibana 4.5.0
Elastic Kibana 4.5.1
Elastic Kibana 4.5.2
Elastic Kibana 4.5.3
Elastic Kibana 4.5.4
Elastic Kibana 4.6.0
Elastic Kibana 4.6.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-24027
open redirect
CVE-2021-30487
CVE-2021-28048
CVE-2021-23886
local file inclusion
CVE-2021-28483
log injection
CVE-2021-29448
Vulnerability Notification Service
Get Started
1
2
3
4
5
NEXT »