Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2024-03-06	CVE-2024-27278	Cross-site Scripting vulnerability in Openpne Optimelineplugin OpenPNE Plugin "opTimelinePlugin" 1.2.11 and earlier contains a cross-site scripting vulnerability. network low complexity openpne CWE-79	5.4
2024-03-05	CVE-2024-24275	Cross-site Scripting vulnerability in Teamwire Cross Site Scripting vulnerability in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to obtain sensitive information via a crafted payload to the global search function. network low complexity teamwire CWE-79 critical	9.6
2024-03-05	CVE-2024-24276	Cross-site Scripting vulnerability in Teamwire Cross Site Scripting (XSS) vulnerability in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to obtain sensitive information via a crafted payload to the chat name, message preview, username and group name components. network low complexity teamwire CWE-79 critical	9.6
2024-03-05	CVE-2024-2179	Cross-site Scripting vulnerability in Concretecms Concrete CMS Concrete CMS version 9 before 9.2.7 is vulnerable to Stored XSS via the Name field of a Group type since there is insufficient validation of administrator provided data for that field. network low complexity concretecms CWE-79	4.8
2024-03-05	CVE-2022-46088	Cross-site Scripting vulnerability in Oretnom23 Online Flight Booking Management System 1.0 Online Flight Booking Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the feedback form. network low complexity oretnom23 CWE-79	6.1
2024-03-05	CVE-2024-21838	Cross-site Scripting vulnerability in Gallagher Command Centre Improper neutralization of special elements in output (CWE-74) used by the email generation feature of the Command Centre Server could lead to HTML code injection in emails generated by Command Centre. network low complexity gallagher CWE-79	5.4
2024-03-04	CVE-2024-27668	Cross-site Scripting vulnerability in Flusity 2.33 Flusity-CMS v2.33 is affected by: Cross Site Scripting (XSS) in 'Custom Blocks.' network low complexity flusity CWE-79	6.1
2024-03-02	CVE-2024-25865	Cross-site Scripting vulnerability in Anzhiyu-C Hexo-Theme-Anzhiyu 1.6.12 Cross Site Scripting (XSS) vulnerability in hexo-theme-anzhiyu v1.6.12, allows remote attackers to execute arbitrary code via the algolia search function. network low complexity anzhiyu-c CWE-79	6.1
2024-03-02	CVE-2024-0611	Cross-site Scripting vulnerability in Averta Master Slider The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the slides callback functionality in all versions up to, and including, 3.9.5. network low complexity averta CWE-79	4.8
2024-03-02	CVE-2024-1449	Cross-site Scripting vulnerability in Averta Master Slider The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ms_slide shortcode in all versions up to, and including, 3.9.5 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity averta CWE-79	5.4