Vulnerabilities > Improper Neutralization of Alternate XSS Syntax
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-22 | CVE-2023-50712 | Improper Neutralization of Alternate XSS Syntax vulnerability in Dfir-Iris Iris Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. | 5.4 |
2023-06-23 | CVE-2023-35158 | Improper Neutralization of Alternate XSS Syntax vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 6.1 |
2020-06-03 | CVE-2020-5298 | Improper Neutralization of Alternate XSS Syntax vulnerability in Octobercms October In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, a user with the ability to use the import functionality of the `ImportExportController` behavior can be socially engineered by an attacker to upload a maliciously crafted CSV file which could result in a reflected XSS attack on the user in question Issue has been patched in Build 466 (v1.0.466). | 3.5 |