Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-27 | CVE-2024-8208 | Cross-site Scripting vulnerability in Insurance Management System Project Insurance Management System 1.0 A vulnerability has been found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. | 6.1 |
| 2024-08-27 | CVE-2024-8209 | Cross-site Scripting vulnerability in Insurance Management System Project Insurance Management System 1.0 A vulnerability was found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. | 6.1 |
| 2024-08-27 | CVE-2024-43788 | Cross-site Scripting vulnerability in Webpack.Js Webpack Webpack is a module bundler. | 6.1 |
| 2024-08-27 | CVE-2024-41174 | Cross-site Scripting vulnerability in Beckhoff IPC Diagnostics Package and Twincat/Bsd The IPC-Diagnostics package in TwinCAT/BSD is susceptible to improper input neutralization by a low-privileged local attacker. | 9.0 |
| 2024-08-27 | CVE-2024-6804 | Cross-site Scripting vulnerability in Jegtheme JEG Elementor KIT The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.6.7 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-08-27 | CVE-2024-7304 | Cross-site Scripting vulnerability in Wpmanageninja Ninja Tables The Ninja Tables – Easiest Data Table Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 5.0.12 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-08-26 | CVE-2024-43915 | Cross-site Scripting vulnerability in Zephyr-One Zephyr Project Manager Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dylan James Zephyr Project Manager allows Reflected XSS.This issue affects Zephyr Project Manager: from n/a through .3.102. | 5.4 |
| 2024-08-26 | CVE-2024-42906 | Cross-site Scripting vulnerability in Testlink TestLink before v.1.9.20 is vulnerable to Cross Site Scripting (XSS) via the pop-up on upload file. | 6.1 |
| 2024-08-26 | CVE-2024-44793 | Cross-site Scripting vulnerability in Gazelle Project Gazelle A cross-site scripting (XSS) vulnerability in the component /managers/multiple_freeleech.php of Gazelle commit 63b3370 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the torrents parameter. | 6.1 |
| 2024-08-26 | CVE-2024-44794 | Cross-site Scripting vulnerability in Xiebruce Picuploader A cross-site scripting (XSS) vulnerability in the component /master/auth/OnedriveRedirect.php of PicUploader commit fcf82ea allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error_description parameter. | 6.1 |