Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2024-10-07 CVE-2024-47772 Cross-site Scripting vulnerability in Discourse
Discourse is an open source platform for community discussion.
network
low complexity
discourse CWE-79
6.1
6.1
2024-10-07 CVE-2024-46300 Cross-site Scripting vulnerability in Angeljudesuarez Placement Management System 1.0
itsourcecode Placement Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the Full Name field in registration.php.
network
low complexity
angeljudesuarez CWE-79
6.1
6.1
2024-10-07 CVE-2024-28709 Cross-site Scripting vulnerability in Limesurvey
Cross Site Scripting vulnerability in LimeSurvey before 6.5.12+240611 allows a remote attacker to execute arbitrary code via a crafted script to the title and comment fields.
network
low complexity
limesurvey CWE-79
6.1
6.1
2024-10-07 CVE-2024-28710 Cross-site Scripting vulnerability in Limesurvey
Cross Site Scripting vulnerability in LimeSurvey before 6.5.0+240319 allows a remote attacker to execute arbitrary code via a lack of input validation and output encoding in the Alert Widget's message component.
network
low complexity
limesurvey CWE-79
6.1
6.1
2024-10-07 CVE-2024-45932 Cross-site Scripting vulnerability in Webkul Krayin CRM 1.3.0
Krayin CRM v1.3.0 is vulnerable to Cross Site Scripting (XSS) via the organization name field in /admin/contacts/organizations/edit/2.
network
low complexity
webkul CWE-79
4.8
4.8
2024-10-07 CVE-2024-9571 Cross-site Scripting vulnerability in Soplanning
Cross-Site Scripting (XSS) vulnerability in SOPlanning <1.45, due to lack of proper validation of user input via /soplanning/www/process/xajax_server.php, affecting multiple parameters.
network
low complexity
soplanning CWE-79
5.4
5.4
2024-10-07 CVE-2024-9572 Cross-site Scripting vulnerability in Soplanning
Cross-Site Scripting (XSS) vulnerability in SOPlanning <1.45, due to lack of proper validation of user input via /soplanning/www/process/groupe_save.php, in the groupe_id parameter.
network
low complexity
soplanning CWE-79
5.4
5.4
2024-10-07 CVE-2024-45153 Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields.
network
low complexity
adobe CWE-79
5.4
5.4
2024-10-06 CVE-2024-45454 Cross-site Scripting vulnerability in Unlimited-Elements Unlimited Elements for Elementor
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) allows Reflected XSS.This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through 1.5.121.
network
low complexity
unlimited-elements CWE-79
6.1
6.1
2024-10-06 CVE-2024-47298 Cross-site Scripting vulnerability in Bold-Themes Bold Page Builder
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through 5.1.1.
network
low complexity
bold-themes CWE-79
5.4
5.4