Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-01 | CVE-2024-5330 | Cross-site Scripting vulnerability in Soflyy Breakdance The Breakdance plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the breakdance_css_file_paths_cache parameter in all versions up to, and including, 1.7.2 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-08-01 | CVE-2024-7343 | Cross-site Scripting vulnerability in Baidu Ueditor 1.4.2 A vulnerability was found in Baidu UEditor 1.4.2. | 6.1 |
| 2024-07-31 | CVE-2024-4187 | Cross-site Scripting vulnerability in Opentext Filr 24.1.1/24.2 Stored XSS vulnerability has been discovered in OpenText™ Filr product, affecting versions 24.1.1 and 24.2. | 5.4 |
| 2024-07-31 | CVE-2024-41953 | Cross-site Scripting vulnerability in Zitadel Zitadel is an open source identity management system. | 6.1 |
| 2024-07-31 | CVE-2024-41947 | Cross-site Scripting vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 5.4 |
| 2024-07-31 | CVE-2024-31199 | Cross-site Scripting vulnerability in Proges Sensor NET Connect Firmware V2 2.24 A “CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')” allows malicious users to permanently inject arbitrary Javascript code. | 6.1 |
| 2024-07-31 | CVE-2024-7321 | Cross-site Scripting vulnerability in Adonesevangelista Online Blood Bank Management System 1.0 A vulnerability classified as problematic was found in itsourcecode Online Blood Bank Management System 1.0. | 6.1 |
| 2024-07-31 | CVE-2024-6725 | Cross-site Scripting vulnerability in Strategy11 Formidable Forms The Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘html’ parameter in all versions up to, and including, 6.11.1 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-07-31 | CVE-2024-7309 | Cross-site Scripting vulnerability in Jkev Record Management System 1.0 A vulnerability was found in SourceCodester Record Management System 1.0. | 5.4 |
| 2024-07-31 | CVE-2024-7310 | Cross-site Scripting vulnerability in Jkev Record Management System 1.0 A vulnerability was found in SourceCodester Record Management System 1.0. | 6.1 |