Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2022-06-26 CVE-2020-27509 Cross-site Scripting vulnerability in Galaxkey
Persistent XSS in Galaxkey Secure Mail Client in Galaxkey up to 5.6.11.5 allows an attacker to perform an account takeover by intercepting the HTTP Post request when sending an email and injecting a specially crafted XSS payload in the 'subject' field.
network
galaxkey CWE-79
3.5
2022-06-24 CVE-2022-33122 Cross-site Scripting vulnerability in Eyoucms 1.5.6
A stored cross-site scripting (XSS) vulnerability in eyoucms v1.5.6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL field under the login page.
network
eyoucms CWE-79
3.5
2022-06-24 CVE-2021-38871 Cross-site Scripting vulnerability in IBM Jazz Team Server
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
2022-06-24 CVE-2021-39408 Cross-site Scripting vulnerability in Online Student Rate System Project Online Student Rate System 1.0
Cross Site Scripting (XSS) vulnerability exists in Online Student Rate System 1.0 via the page parameter on the index.php file
4.3
2022-06-24 CVE-2017-20092 Cross-site Scripting vulnerability in Yoast Google Analytics Dashboard 2.1.1
A vulnerability classified as problematic was found in Google Analytics Dashboard Plugin 2.1.1.
network
yoast CWE-79
4.3
2022-06-24 CVE-2017-20094 Cross-site Scripting vulnerability in Newstatpress Project Newstatpress 1.2.4
A vulnerability, which was classified as problematic, has been found in NewStatPress Plugin 1.2.4.
3.5
2022-06-24 CVE-2017-20096 Cross-site Scripting vulnerability in Wp-Spamfree Anti-Spam Project Wp-Spamfree Anti-Spam 2.1.1.4
A vulnerability classified as problematic has been found in WP-SpamFree Anti-Spam Plugin 2.1.1.4.
4.3
2022-06-24 CVE-2017-20097 Cross-site Scripting vulnerability in Wp-Filebase Download Manager Project Wp-Filebase Download Manager 3.4.4
A vulnerability was found in WP-Filebase Download Manager Plugin 3.4.4.
4.3
2022-06-23 CVE-2022-32987 Cross-site Scripting vulnerability in Simple Bakery Shop Management System Project Simple Bakery Shop Management System 1.0
Multiple cross-site scripting (XSS) vulnerabilities in /bsms/?page=manage_account of Simple Bakery Shop Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Username or Full Name fields.
3.5
2022-06-23 CVE-2021-29055 Cross-site Scripting vulnerability in School File Management System Project School File Management System 1.0
Cross Site Scripting (XSS) vulnerability in sourcecodester School File Management System 1.0 via the Firtstname parameter to the Update Account form in student_profile.php.
4.3