Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
reflected xss vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-17862
A cross-site scripting (XSS) vulnerability in SAP J2EE Engine/7.01/Fiori allows remote malicious users to inject arbitrary web script via the sys_jdbc parameter to /TestJDBC_Web/test2. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Sap J2ee Engine 7.01
6.1
CVSSv3
CVE-2020-11727
A cross-site scripting (XSS) vulnerability in the AlgolPlus Advanced Order Export For WooCommerce plugin 3.1.3 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the view/settings-form.php woe_post_type parameter.
Algolplus Advanced Order Export 3.1.3
6.1
CVSSv3
CVE-2020-28859
OpenAsset Digital Asset Management (DAM) up to and including 12.0.19 does not correctly sanitize user supplied input in multiple parameters and endpoints, allowing for reflected cross-site scripting attacks.
Openasset Digital Asset Management
4.8
CVSSv3
CVE-2020-6843
Zoho ManageEngine ServiceDesk Plus 11.0 Build 11007 allows XSS. This issue was fixed in version 11.0 Build 11010, SD-83959.
Zohocorp Manageengine Servicedesk Plus
6.1
CVSSv3
CVE-2017-6761
A vulnerability in the web-based management interface of Cisco Finesse 10.6(1) and 11.5(1) could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerab...
Cisco Finesse 11.5\\(1\\)
Cisco Finesse 10.6\\(1\\)
NA
CVE-2013-6229
Multiple cross-site scripting (XSS) vulnerabilities in Atmail Webmail Server 7.0.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) filter parameter to index.php/mail/mail/listfoldermessages/searching/true/selectFolder/INBOX/resultContext/searchResu...
Atmail Atmail 7.0.2
3 EDB exploits
5.4
CVSSv3
CVE-2019-19390
The Search parameter of the Software Catalogue section of Matrix42 Workspace Management 9.1.2.2765 and below accepts unfiltered parameters that lead to multiple reflected XSS issues.
Matrix42 Workspace Management
5.4
CVSSv3
CVE-2018-20703
CubeCart 6.2.2 has Reflected XSS via a /{ADMIN-FILE}/ query string.
Cubecart Cubecart 6.2.2
5.4
CVSSv3
CVE-2017-6605
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to conduct a reflective cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. ...
Cisco Identity Services Engine 2.1\\(0.800\\)
6.1
CVSSv3
CVE-2020-3463
A vulnerability in the web-based management interface of Cisco Webex Meetings could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected service. The vulnerability is du...
Cisco Webex Meetings Online
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »