Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-13 | CVE-2024-25122 | Cross-site Scripting vulnerability in Mhenrixon Sidekiq-Unique-Jobs sidekiq-unique-jobs is an open source project which prevents simultaneous Sidekiq jobs with the same unique arguments to run. | 6.1 |
| 2024-02-13 | CVE-2023-50808 | Cross-site Scripting vulnerability in Zimbra Collaboration Zimbra Collaboration before Kepler 9.0.0 Patch 38 GA allows DOM-based JavaScript injection in the Modern UI. | 6.1 |
| 2024-02-13 | CVE-2023-45206 | Cross-site Scripting vulnerability in Zimbra Collaboration An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15, 9.0, and 10.0. | 6.1 |
| 2024-02-13 | CVE-2023-45207 | Cross-site Scripting vulnerability in Zimbra Collaboration An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15, 9.0, and 10.0. | 6.1 |
| 2024-02-13 | CVE-2023-48432 | Cross-site Scripting vulnerability in Zimbra Collaboration An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15, 9.0, and 10.0. | 6.1 |
| 2024-02-13 | CVE-2024-1159 | Cross-site Scripting vulnerability in Bold-Themes Bold Page Builder The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 4.8.0 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-02-13 | CVE-2023-52059 | Cross-site Scripting vulnerability in Gestsup A cross-site scripting (XSS) vulnerability in Gestsup v3.2.46 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description text field. | 5.4 |
| 2024-02-12 | CVE-2023-52430 | Cross-site Scripting vulnerability in Authcrunch Caddy-Security 1.1.20 The caddy-security plugin 1.1.20 for Caddy allows reflected XSS via a GET request to a URL that contains an XSS payload and begins with either a /admin or /settings/mfa/delete/ substring. | 6.1 |
| 2024-02-12 | CVE-2024-22230 | Cross-site Scripting vulnerability in Dell Unity Operating Environment Dell Unity, versions prior to 5.4, contains a Cross-site scripting vulnerability. | 5.4 |
| 2024-02-12 | CVE-2023-6081 | Cross-site Scripting vulnerability in Chartjs Project Chartjs 2023.2 The chartjs WordPress plugin through 2023.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | 5.4 |