Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2024-02-20 CVE-2024-1647 Pyhtml2pdf version 0.0.6 allows an external attacker to remotely obtain arbitrary local files.
network
low complexity
CWE-79
7.5
2024-02-15 CVE-2023-26206 Cross-site Scripting vulnerability in Fortinet Fortinac
An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiNAC 9.4.0 - 9.4.2, 9.2.0 - 9.2.8, 9.1.0 - 9.1.10 and 7.2.0 allows an attacker to execute unauthorized code or commands via the name fields observed in the policy audit logs.
network
low complexity
fortinet CWE-79
6.1
2024-02-15 CVE-2024-20717 Cross-site Scripting vulnerability in Adobe Commerce 2.4.4/2.4.5/2.4.6
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields.
network
low complexity
adobe CWE-79
5.4
2024-02-15 CVE-2024-20719 Cross-site Scripting vulnerability in Adobe Commerce 2.4.4/2.4.5/2.4.6
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into every admin page.
network
low complexity
adobe CWE-79
critical
9.1
2024-02-14 CVE-2024-25207 Cross-site Scripting vulnerability in Barangay Management System Project Barangay Management System 1.0
Barangay Population Monitoring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Add Resident function at /barangay-population-monitoring-system/masterlist.php.
5.4
2024-02-14 CVE-2024-25208 Cross-site Scripting vulnerability in Barangay Management System Project Barangay Management System 1.0
Barangay Population Monitoring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Add Resident function at /barangay-population-monitoring-system/masterlist.php.
5.4
2024-02-14 CVE-2024-25218 Cross-site Scripting vulnerability in Task Manager in PHP With Source Code Project Task Manager in PHP With Source Code 1.0
A cross-site scripting (XSS) vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Project Name parameter /TaskManager/Projects.php.
6.1
2024-02-14 CVE-2024-25219 Cross-site Scripting vulnerability in Task Manager in PHP With Source Code Project Task Manager in PHP With Source Code 1.0
A cross-site scripting (XSS) vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Task Name parameter /TaskManager/Task.php.
6.1
2024-02-14 CVE-2024-25221 Cross-site Scripting vulnerability in Task Manager in PHP With Source Code Project Task Manager in PHP With Source Code 1.0
A cross-site scripting (XSS) vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note Section parameter at /TaskManager/Tasks.php.
6.1
2024-02-13 CVE-2024-21389 Cross-site Scripting vulnerability in Microsoft Dynamics 365
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
network
low complexity
microsoft CWE-79
7.6