Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2022-01-14 CVE-2021-38677 A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QcalAgent.
network
CWE-79
4.3
2022-01-13 CVE-2021-43761 Cross-site Scripting vulnerability in Adobe Experience Manager
AEM's Cloud Service offering, as well as versions 6.5.7.0 (and below), 6.4.8.3 (and below) and 6.3.3.8 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
network
adobe CWE-79
3.5
2022-01-13 CVE-2021-43764 Cross-site Scripting vulnerability in Adobe Experience Manager
AEM's Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
network
adobe CWE-79
3.5
2022-01-13 CVE-2021-43765 Cross-site Scripting vulnerability in Adobe Experience Manager
AEM's Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
network
adobe CWE-79
4.3
2022-01-13 CVE-2021-44176 Cross-site Scripting vulnerability in Adobe Experience Manager
AEM's Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
network
adobe CWE-79
4.3
2022-01-13 CVE-2021-44177 Cross-site Scripting vulnerability in Adobe Experience Manager
AEM's Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
network
adobe CWE-79
4.3
2022-01-13 CVE-2021-44178 Cross-site Scripting vulnerability in Adobe Experience Manager
AEM's Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a reflected Cross-Site Scripting (XSS) vulnerability via the itemResourceType parameter.
network
adobe CWE-79
4.3
2022-01-13 CVE-2021-45422 Cross-site Scripting vulnerability in Reprisesoftware Reprise License Manager 14.2
Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability in the /goform/activate_process "count" parameter via GET.
4.3
2022-01-13 CVE-2022-22123 Cross-site Scripting vulnerability in Fit2Cloud Halo
In Halo, versions v1.0.0 to v1.4.17 (latest) are vulnerable to Stored Cross-Site Scripting (XSS) in the article title.
network
fit2cloud CWE-79
3.5
2022-01-13 CVE-2022-22124 Cross-site Scripting vulnerability in Fit2Cloud Halo
In Halo, versions v1.0.0 to v1.4.17 (latest) are vulnerable to Stored Cross-Site Scripting (XSS) in the profile image.
network
fit2cloud CWE-79
3.5