Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-23 | CVE-2024-41875 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. | 5.4 |
| 2024-08-23 | CVE-2024-41876 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5.20 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. | 5.4 |
| 2024-08-23 | CVE-2024-41877 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. | 5.4 |
| 2024-08-23 | CVE-2024-41878 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. | 5.4 |
| 2024-08-23 | CVE-2024-42918 | Cross-site Scripting vulnerability in Adonesevangelista Online Accreditation Management System 1.0 itsourcecode Online Accreditation Management System contains a Cross Site Scripting vulnerability, which allows an attacker to execute arbitrary code via a crafted payload to the SCHOOLNAME, EMAILADDRES, CONTACTNO, COMPANYNAME and COMPANYCONTACTNO parameters in controller.php. | 5.4 |
| 2024-08-23 | CVE-2024-38869 | Cross-site Scripting vulnerability in Zohocorp products Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability in remote office deploy configurations.This issue affects Endpoint Central: before 11.3.2416.04 and before 11.3.2400.25. | 5.4 |
| 2024-08-23 | CVE-2024-41150 | Cross-site Scripting vulnerability in Zohocorp products An Stored Cross-site Scripting vulnerability in request module affects Zohocorp ManageEngine ServiceDesk Plus, ServiceDesk Plus MSP and SupportCenter Plus.This issue affects ServiceDesk Plus versions: through 14810; ServiceDesk Plus MSP: through 14800; SupportCenter Plus: through 14800. | 6.1 |
| 2024-08-23 | CVE-2024-8112 | Cross-site Scripting vulnerability in Jeesite 5.3 A vulnerability was found in thinkgem JeeSite 5.3. | 6.1 |
| 2024-08-23 | CVE-2024-8113 | Cross-site Scripting vulnerability in Pretix Stored XSS in organizer and event settings of pretix up to 2024.7.0 allows malicious event organizers to inject HTML tags into e-mail previews on settings page. | 5.4 |
| 2024-08-23 | CVE-2024-5502 | Cross-site Scripting vulnerability in Piotnet Addons The Piotnet Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Accordion, Dual Heading, and Vertical Timeline widgets in all versions up to, and including, 2.4.30 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |