Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-16 | CVE-2024-43381 | Cross-site Scripting vulnerability in Yogeshojha Rengine reNgine is an automated reconnaissance framework for web applications. | 5.4 |
| 2024-08-16 | CVE-2024-43807 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.07.1 multiple stored XSS was possible on Clouds page | 5.4 |
| 2024-08-16 | CVE-2024-43808 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.07.1 self XSS was possible in the HashiCorp Vault plugin | 5.4 |
| 2024-08-16 | CVE-2024-43809 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.07.1 reflected XSS was possible on the agentPushPreset page | 6.1 |
| 2024-08-16 | CVE-2024-43810 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.07.1 reflected XSS was possible in the AWS Core plugin | 5.4 |
| 2024-08-16 | CVE-2024-7144 | Cross-site Scripting vulnerability in Crocoblock Jetelements The JetElements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' and 'slide_id' parameters in all versions up to, and including, 2.6.20 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-08-16 | CVE-2024-7852 | Cross-site Scripting vulnerability in Oretnom23 Yoga Class Registration System 1.0 A vulnerability was found in SourceCodester Yoga Class Registration System 1.0 and classified as problematic. | 5.4 |
| 2024-08-15 | CVE-2024-7844 | Cross-site Scripting vulnerability in Tamparongj 03 Online Graduate Tracer System 1.0 A vulnerability has been found in SourceCodester Online Graduate Tracer System 1.0 and classified as problematic. | 5.4 |
| 2024-08-15 | CVE-2024-27729 | Cross-site Scripting vulnerability in Friendica 2023.12 Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the location parameter of the calendar event feature. | 6.1 |
| 2024-08-15 | CVE-2024-42678 | Cross-site Scripting vulnerability in Cysoft168 Super Easy Enterprise Management System Cross Site Scripting vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the /WebSet/DlgGridSet.html component. | 6.1 |