Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-24 | CVE-2021-43584 | Cross-site Scripting vulnerability in Nagios Cross Platform Agent DOM-based Cross Site Scripting (XSS vulnerability in 'Tail Event Logs' functionality in Nagios Nagios Cross-Platform Agent (NCPA) before 2.4.0 allows attackers to run arbitrary code via the name element when filtering for a log. | 4.8 |
| 2024-01-24 | CVE-2024-22720 | Cross-site Scripting vulnerability in Kanboard 1.2.34 Kanboard 1.2.34 is vulnerable to Html Injection in the group management feature. | 4.8 |
| 2024-01-24 | CVE-2024-23905 | Cross-site Scripting vulnerability in Jenkins RED HAT Dependency Analytics 0.7.0/0.7.1 Jenkins Red Hat Dependency Analytics Plugin 0.7.1 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. | 5.4 |
| 2024-01-24 | CVE-2024-22725 | Cross-site Scripting vulnerability in Orthanc-Server Orthanc Orthanc versions before 1.12.2 are affected by a reflected cross-site scripting (XSS) vulnerability. | 6.1 |
| 2024-01-24 | CVE-2023-6697 | Cross-site Scripting vulnerability in Wpgmaps WP GO Maps The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the map id parameter in all versions up to, and including, 9.0.28 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-01-24 | CVE-2024-0665 | Cross-site Scripting vulnerability in Marvinlabs WP Customer Area The WP Customer Area plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 8.2.1 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-01-24 | CVE-2024-23633 | Cross-site Scripting vulnerability in Humansignal Label Studio Label Studio, an open source data labeling tool had a remote import feature allowed users to import data from a remote web source, that was downloaded and could be viewed on the website. | 6.1 |
| 2024-01-23 | CVE-2023-47115 | Cross-site Scripting vulnerability in Humansignal Label Studio Label Studio is an a popular open source data labeling tool. | 5.4 |
| 2024-01-23 | CVE-2023-41176 | Cross-site Scripting vulnerability in Trendmicro Mobile Security 9.8 Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to, CVE-2023-41177. | 6.1 |
| 2024-01-23 | CVE-2023-41177 | Cross-site Scripting vulnerability in Trendmicro Mobile Security 9.8 Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to, CVE-2023-41178. | 6.1 |