Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-10 | CVE-2024-36450 | Cross-site Scripting vulnerability in Webmin Cross-site scripting vulnerability exists in sysinfo.cgi of Webmin versions prior to 1.910. | 5.4 |
| 2024-07-10 | CVE-2024-4866 | Cross-site Scripting vulnerability in Codeastrology Ultraaddons The UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-07-09 | CVE-2024-22477 | Cross-site Scripting vulnerability in Pingidentity Pingfederate A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. | 4.3 |
| 2024-07-09 | CVE-2024-27183 | Cross-site Scripting vulnerability in Dj-Extensions Dj-Helpfularticles XSS vulnerability in DJ-HelpfulArticles component for Joomla. | 6.1 |
| 2024-07-09 | CVE-2024-38971 | Cross-site Scripting vulnerability in Vaethink 1.0.2 vaeThink 1.0.2 is vulnerable to stored Cross Site Scripting (XSS) in the system backend. | 5.4 |
| 2024-07-09 | CVE-2024-38972 | Cross-site Scripting vulnerability in Netbox 4.0.3 A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-ports/add/. | 6.1 |
| 2024-07-09 | CVE-2024-40726 | Cross-site Scripting vulnerability in Netbox 4.0.3 A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-ports/{id}/edit/. | 6.1 |
| 2024-07-09 | CVE-2024-40727 | Cross-site Scripting vulnerability in Netbox 4.0.3 A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-server-ports/add/. | 6.1 |
| 2024-07-09 | CVE-2024-40728 | Cross-site Scripting vulnerability in Netbox 4.0.3 A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-server-ports/{id}/edit/. | 6.1 |
| 2024-07-09 | CVE-2024-40729 | Cross-site Scripting vulnerability in Netbox 4.0.3 A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/interfaces/add/. | 6.1 |