Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-07 | CVE-2024-40600 | Cross-site Scripting vulnerability in Mediawiki An issue was discovered in the Metrolook skin for MediaWiki through 1.42.1. | 4.8 |
| 2024-07-07 | CVE-2024-40602 | Cross-site Scripting vulnerability in Mediawiki An issue was discovered in the Tempo skin for MediaWiki through 1.42.1. | 4.8 |
| 2024-07-07 | CVE-2024-40604 | Cross-site Scripting vulnerability in Mediawiki An issue was discovered in the Nimbus skin for MediaWiki through 1.42.1. | 4.8 |
| 2024-07-07 | CVE-2024-40605 | Cross-site Scripting vulnerability in Mediawiki An issue was discovered in the Foreground skin for MediaWiki through 1.42.1. | 4.8 |
| 2024-07-06 | CVE-2024-37546 | Cross-site Scripting vulnerability in Oxilab Image Hover Effects for Elementor With Lightbox and Flipbox Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in biplob018 Image Hover Effects - Caption Hover with Carousel allows Stored XSS.This issue affects Image Hover Effects - Caption Hover with Carousel: from n/a through 3.0.2. | 5.4 |
| 2024-07-06 | CVE-2024-37539 | Cross-site Scripting vulnerability in Delower WP to DO Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Delower WP To Do allows Stored XSS.This issue affects WP To Do: from n/a through 1.3.0. | 5.4 |
| 2024-07-05 | CVE-2024-23997 | Cross-site Scripting vulnerability in Lukasbach Yana Lukas Bach yana =<1.0.16 is vulnerable to Cross Site Scripting (XSS) via src/electron-main.ts. | 9.6 |
| 2024-07-05 | CVE-2024-23998 | Cross-site Scripting vulnerability in Goanother Another Redis Desktop Manager goanother Another Redis Desktop Manager =<1.6.1 is vulnerable to Cross Site Scripting (XSS) via src/components/Setting.vue. | 9.6 |
| 2024-07-05 | CVE-2024-29318 | Cross-site Scripting vulnerability in Personal-Management-System Personal Management System 1.4.64 Volmarg Personal Management System 1.4.64 is vulnerable to stored cross site scripting (XSS) via upload of a SVG file with embedded javascript code. | 5.4 |
| 2024-07-05 | CVE-2024-6523 | Cross-site Scripting vulnerability in Zkteco Biotime 8.5.3/8.5.4/8.5.5 A vulnerability was found in ZKTeco BioTime up to 9.5.2. | 5.4 |