Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-13 | CVE-2024-41774 | Cross-site Scripting vulnerability in IBM Common Licensing 9.0 IBM Common Licensing 9.0 is vulnerable to stored cross-site scripting. | 4.8 |
| 2024-08-13 | CVE-2024-7247 | Cross-site Scripting vulnerability in Bdthemes Element Pack The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Custom Gallery and Countdown widgets in all versions up to, and including, 5.7.2 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-08-13 | CVE-2024-7092 | Cross-site Scripting vulnerability in Wpdeveloper Essential Addons for Elementor The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘no_more_items_text’ parameter in all versions up to, and including, 5.9.27 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-08-13 | CVE-2024-41735 | Cross-site Scripting vulnerability in SAP Commerce Backoffice Hycom2205 SAP Commerce Backoffice does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability causing low impact on confidentiality and integrity of the application. | 5.4 |
| 2024-08-12 | CVE-2024-43152 | Cross-site Scripting vulnerability in 3Dflipbook 3D Flipbook Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in iberezansky 3D FlipBook – PDF Flipbook Viewer, Flipbook Image Gallery allows Stored XSS.This issue affects 3D FlipBook – PDF Flipbook Viewer, Flipbook Image Gallery: from n/a through 1.15.6. | 6.1 |
| 2024-08-12 | CVE-2024-43225 | Cross-site Scripting vulnerability in Themelooks Enter Addons Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemeLooks Enter Addons allows Stored XSS.This issue affects Enter Addons: from n/a through 2.1.7. | 5.4 |
| 2024-08-12 | CVE-2024-43231 | Cross-site Scripting vulnerability in Themeum Tutor LMS Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themeum Tutor LMS allows Stored XSS.This issue affects Tutor LMS: from n/a through 2.7.3. | 5.4 |
| 2024-08-12 | CVE-2024-43358 | Cross-site Scripting vulnerability in Zoneminder ZoneMinder is a free, open source closed-circuit television software application. | 6.1 |
| 2024-08-12 | CVE-2024-43359 | Cross-site Scripting vulnerability in Zoneminder ZoneMinder is a free, open source closed-circuit television software application. | 6.1 |
| 2024-08-12 | CVE-2024-40500 | Cross-site Scripting vulnerability in Scilico I-Librarian Cross Site Scripting vulnerability in Martin Kucej i-librarian v.5.11.0 and before allows a local attacker to execute arbitrary code via the search function in the import component. | 8.6 |