Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2024-01-17 CVE-2023-48858 Cross-site Scripting vulnerability in Abocms Abo.Cms 5.9
A Cross-site scripting (XSS) vulnerability in login page php code in Armex ABO.CMS 5.9 allows remote attackers to inject arbitrary web script or HTML via the login.php? URL part.
network
low complexity
abocms CWE-79
6.1
6.1
2024-01-17 CVE-2024-22714 Cross-site Scripting vulnerability in Codelyfe Stupid Simple CMS
Stupid Simple CMS <=1.2.4 is vulnerable to Cross Site Scripting (XSS) in the editing section of the article content.
network
low complexity
codelyfe CWE-79
6.1
6.1
2024-01-17 CVE-2023-20257 Cross-site Scripting vulnerability in Cisco Prime Infrastructure
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct cross-site scripting attacks.
network
low complexity
cisco CWE-79
4.8
4.8
2024-01-17 CVE-2024-20251 Cross-site Scripting vulnerability in Cisco Identity Services Engine
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack against a user of the interface on an affected device.
network
low complexity
cisco CWE-79
5.4
5.4
2024-01-17 CVE-2024-20270 Cross-site Scripting vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input.
network
low complexity
cisco CWE-79
5.4
5.4
2024-01-17 CVE-2023-51733 Cross-site Scripting vulnerability in Skyworthdigital Cm5100 Firmware 4.1.1.24
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Identity parameter under Local endpoint settings at its web interface.
network
low complexity
skyworthdigital CWE-79
5.4
5.4
2024-01-17 CVE-2023-51734 Cross-site Scripting vulnerability in Skyworthdigital Cm5100 Firmware 4.1.1.24
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Identity parameter under Remote endpoint settings at its web interface.
network
low complexity
skyworthdigital CWE-79
5.4
5.4
2024-01-17 CVE-2023-51735 Cross-site Scripting vulnerability in Skyworthdigital Cm5100 Firmware 4.1.1.24
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Pre-shared key parameter at its web interface.
network
low complexity
skyworthdigital CWE-79
5.4
5.4
2024-01-17 CVE-2023-51736 Cross-site Scripting vulnerability in Skyworthdigital Cm5100 Firmware 4.1.1.24
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the L2TP/PPTP Username parameter at its web interface.
network
low complexity
skyworthdigital CWE-79
5.4
5.4
2024-01-17 CVE-2023-51737 Cross-site Scripting vulnerability in Skyworthdigital Cm5100 Firmware 4.1.1.24
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Preshared Phrase parameter at its web interface.
network
low complexity
skyworthdigital CWE-79
5.4
5.4