Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2024-04-15 CVE-2023-44396 Cross-site Scripting vulnerability in Combodo Itop
iTop is an IT service management platform.
network
low complexity
combodo CWE-79
5.4
5.4
2024-04-15 CVE-2023-47123 Cross-site Scripting vulnerability in Combodo Itop 3.1.0/3.1.0211973
iTop is an IT service management platform.
network
low complexity
combodo CWE-79
5.4
5.4
2024-04-15 CVE-2023-47622 Cross-site Scripting vulnerability in Combodo Itop
iTop is an IT service management platform.
network
low complexity
combodo CWE-79
6.1
6.1
2024-04-15 CVE-2023-47626 Cross-site Scripting vulnerability in Combodo Itop 3.1.0/3.1.0211973
iTop is an IT service management platform.
network
low complexity
combodo CWE-79
6.1
6.1
2024-04-15 CVE-2023-43790 Cross-site Scripting vulnerability in Combodo Itop 3.1.0/3.1.0211973
iTop is an IT service management platform.
network
low complexity
combodo CWE-79
5.4
5.4
2024-04-12 CVE-2024-2279 Cross-site Scripting vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 to 16.8.6 all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2.
network
low complexity
gitlab CWE-79
5.4
5.4
2024-04-12 CVE-2024-3092 Cross-site Scripting vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2.
network
low complexity
gitlab CWE-79
5.4
5.4
2024-04-11 CVE-2024-3343 Cross-site Scripting vulnerability in Themeisle Otter Blocks
The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's block attributes in all versions up to, and including, 2.6.8 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
themeisle CWE-79
5.4
5.4
2024-04-11 CVE-2024-3344 Cross-site Scripting vulnerability in Themeisle Otter Blocks
The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG file upload in all versions up to, and including, 2.6.8 due to insufficient input sanitization and output escaping.
network
low complexity
themeisle CWE-79
5.4
5.4
2024-04-10 CVE-2024-2539 Cross-site Scripting vulnerability in Livemeshelementor Addons for Elementor
The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widget '_id' attributes in all versions up to, and including, 8.3.6 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
livemeshelementor CWE-79
5.4
5.4