Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

cross-site scripting vulnerabilities and exploits

(subscribe to this query)

4.3
CVSSv2
CVE-2012-0007
The Microsoft Anti-Cross Site Scripting (AntiXSS) Library 3.x and 4.0 does not properly evaluate characters after the detection of a Cascading Style Sheets (CSS) escaped character, which allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML input, aka...
Microsoft Anti-cross Site Scripting Library 3.1Microsoft Anti-cross Site Scripting Library 4.0
4.3
CVSSv2
CVE-2020-13666
Drupal core Moderately critical Cross-site scripting. The Drupal AJAX API does not disable JSONP by default, which can lead to cross-site scripting....
Drupal Drupal
4.3
CVSSv2
CVE-2014-2856
Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function....
Apple Cups 1.1.12Apple Cups 1.1.13Apple Cups 1.1.19Apple Cups 1.1.20Apple Cups 1.1.22Apple Cups 1.1.5-2Apple Cups 1.1.6Apple Cups 1.1.6-1Apple Cups 1.2Apple Cups 1.2.11Apple Cups 1.2.12Apple Cups 1.2.9Apple Cups 1.3Apple Cups 1.3.2Apple Cups 1.3.3Apple Cups 1.4Apple Cups 1.4.5Apple Cups 1.4.6Apple Cups 1.5.0Apple Cups 1.5Apple Cups 1.6Apple Cups 1.1.1Apple Cups 1.1.10Apple Cups 1.1.16Apple Cups 1.1.17Apple Cups 1.1.2Apple Cups 1.1.21Apple Cups 1.1.3Apple Cups 1.1.4Apple Cups 1.1.7Apple Cups 1.1.8Apple Cups 1.2.0Apple Cups 1.2.4Apple Cups 1.2.5Apple Cups 1.3.0Apple Cups 1.3.1Apple Cups 1.3.6Apple Cups 1.3.7Apple Cups 1.4.0Apple Cups 1.4.1Apple Cups 1.4.2Apple Cups 1.5.4Apple Cups 1.5.3Apple Cups 1.6.4Apple Cups 1.6.3Apple Cups 1.7Apple Cups 1.1Apple Cups 1.1.14Apple Cups 1.1.15Apple Cups 1.1.23Apple Cups 1.1.6-2Apple Cups 1.1.6-3Apple Cups 1.2.2Apple Cups 1.2.3Apple Cups 1.3.4Apple Cups 1.3.5Apple Cups 1.4.7Apple Cups 1.4.8Apple Cups 1.7.1Apple CupsApple Cups 1.7.0Apple Cups 1.1.10-1Apple Cups 1.1.11Apple Cups 1.1.18Apple Cups 1.1.5Apple Cups 1.1.5-1Apple Cups 1.1.9Apple Cups 1.1.9-1Apple Cups 1.2.1Apple Cups 1.2.10Apple Cups 1.2.6Apple Cups 1.2.7Apple Cups 1.2.8Apple Cups 1.3.10Apple Cups 1.3.11Apple Cups 1.3.8Apple Cups 1.3.9Apple Cups 1.4.3Apple Cups 1.4.4Apple Cups 1.5.2Apple Cups 1.5.1Apple Cups 1.6.2Apple Cups 1.6.1
4.3
CVSSv2
CVE-2014-0141
Cross-site scripting (XSS) vulnerability in Red Hat Satellite 6.0.3....
Redhat Satellite 6.0.3
4.3
CVSSv2
CVE-2015-5169
Cross-site scripting (XSS) vulnerability in Apache Struts before 2.3.20....
Apache Struts
4.3
CVSSv2
CVE-2014-3653
Cross-site scripting (XSS) vulnerability in the template preview function in Foreman before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted provisioning template....
Theforeman Foreman
4.3
CVSSv2
CVE-2017-1000188
nodejs ejs version older than 2.5.5 is vulnerable to a Cross-site-scripting in the ejs.renderFile() resulting in code injection...
Ejs Ejs
4.3
CVSSv2
CVE-2021-41798
MediaWiki before 1.36.2 allows XSS. Month related MediaWiki messages are not escaped before being used on the Special:Search results page....
Mediawiki MediawikiFedoraproject Fedora 33Fedoraproject Fedora 34Fedoraproject Fedora 35
3.5
CVSSv2
CVE-2021-26925
Roundcube before 1.4.11 allows XSS via crafted Cascading Style Sheets (CSS) token sequences during HTML email rendering....
Roundcube RoundcubeFedoraproject Fedora 32Fedoraproject Fedora 33
4.3
CVSSv2
CVE-2016-10245
Insufficient sanitization of the query parameter in templates/html/search_opensearch.php could lead to reflected cross-site scripting or iframe injection....
Doxygen Doxygen
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-43267CVE-2021-42544CVE-2021-20850CVE-2021-4015race conditiontrendmicronodebbcache poisoningconcretecmsacronisCVE-2021-42564reflected XSSCVE-2021-42115
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook