Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-19 | CVE-2024-23387 | Cross-site Scripting vulnerability in Fusionpbx FusionPBX prior to 5.1.0 contains a cross-site scripting vulnerability. | 4.8 |
| 2024-01-18 | CVE-2024-22213 | Cross-site Scripting vulnerability in Nextcloud Deck Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. | 5.4 |
| 2024-01-18 | CVE-2023-49943 | Cross-site Scripting vulnerability in Zohocorp Manageengine Servicedesk Plus MSP Zoho ManageEngine ServiceDesk Plus MSP before 14504 allows stored XSS (by a low-privileged technician) via a task's name in a time sheet. | 5.4 |
| 2024-01-18 | CVE-2024-22548 | Cross-site Scripting vulnerability in Flycms Project Flycms 1.0 FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in the system website settings website name section. | 5.4 |
| 2024-01-18 | CVE-2024-22549 | Cross-site Scripting vulnerability in Flycms Project Flycms 1.0 FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in the email settings of the website settings section. | 5.4 |
| 2024-01-18 | CVE-2023-6958 | Cross-site Scripting vulnerability in Bootstrapped WP Recipe Maker The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 9.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-01-18 | CVE-2023-6970 | Cross-site Scripting vulnerability in Bootstrapped WP Recipe Maker The WP Recipe Maker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘Referer' header in all versions up to, and including, 9.1.0 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-01-18 | CVE-2024-0381 | Cross-site Scripting vulnerability in Bootstrapped WP Recipe Maker The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the use of the 'tag' attribute in the wprm-recipe-name, wprm-recipe-date, and wprm-recipe-counter shortcodes in all versions up to, and including, 9.1.0. | 5.4 |
| 2024-01-18 | CVE-2023-6184 | Cross-site Scripting vulnerability in Citrix Virtual Apps and Desktops Cross SiteScripting vulnerability in Citrix Session Recording allows attacker to perform Cross Site Scripting | 7.2 |
| 2024-01-17 | CVE-2023-5914 | Cross-site Scripting vulnerability in Cloud Citrix Storefront 1912 Cross-site scripting (XSS) | 6.1 |