Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-05 | CVE-2024-34343 | Cross-site Scripting vulnerability in Nuxt Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. | 6.1 |
| 2024-08-05 | CVE-2024-41816 | Cross-site Scripting vulnerability in Boxystudio Cooked Cooked is a recipe plugin for WordPress. | 5.4 |
| 2024-08-05 | CVE-2024-41959 | Cross-site Scripting vulnerability in Mailcow Mailcow: Dockerized mailcow: dockerized is an open source groupware/email suite based on docker. | 6.1 |
| 2024-08-05 | CVE-2024-41960 | Cross-site Scripting vulnerability in Mailcow Mailcow: Dockerized mailcow: dockerized is an open source groupware/email suite based on docker. | 4.8 |
| 2024-08-05 | CVE-2024-42008 | Cross-site Scripting vulnerability in Roundcube Webmail A Cross-Site Scripting vulnerability in rcmail_action_mail_get->run() in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a malicious e-mail attachment served with a dangerous Content-Type header. | 9.3 |
| 2024-08-05 | CVE-2024-42009 | Cross-site Scripting vulnerability in Roundcube Webmail A Cross-Site Scripting vulnerability in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a crafted e-mail message that abuses a Desanitization issue in message_body() in program/actions/mail/show.php. | 9.3 |
| 2024-08-05 | CVE-2024-6361 | Cross-site Scripting vulnerability in Opentext ALM Octane Improper Neutralization vulnerability (XSS) has been discovered in OpenTextâ„¢ ALM Octane. | 5.4 |
| 2024-08-05 | CVE-2024-6498 | Cross-site Scripting vulnerability in Micro.Company Collect.Chat The Chatbot for WordPress by Collect.chat ?? WordPress plugin before 2.4.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed | 4.8 |
| 2024-08-05 | CVE-2024-6710 | Cross-site Scripting vulnerability in Metaphorcreations Ditty The Ditty WordPress plugin before 3.1.45 does not sanitise and escape some parameters, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks. | 5.4 |
| 2024-08-05 | CVE-2024-7466 | Cross-site Scripting vulnerability in Pmweb 7.2.00 A vulnerability has been found in PMWeb 7.2.00 and classified as problematic. | 5.4 |