Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2024-10-28 CVE-2024-50471 Cross-site Scripting vulnerability in Checklist Trip Plan
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Checklist Trip Plan allows Stored XSS.This issue affects Trip Plan: from n/a through 1.0.10.
network
low complexity
checklist CWE-79
5.4
5.4
2024-10-28 CVE-2024-50472 Cross-site Scripting vulnerability in Amilia Store
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Martin Drapeau Amilia Store allows Stored XSS.This issue affects Amilia Store: from n/a through 2.9.8.
network
low complexity
amilia CWE-79
5.4
5.4
2024-10-28 CVE-2024-50501 Cross-site Scripting vulnerability in Climaxthemes Kata Plus
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Climax Themes Kata Plus allows Stored XSS.This issue affects Kata Plus: from n/a through 1.4.7.
network
low complexity
climaxthemes CWE-79
5.4
5.4
2024-10-28 CVE-2024-50502 Cross-site Scripting vulnerability in Cozythemes Cozy Blocks
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks allows Stored XSS.This issue affects Cozy Blocks: from n/a through 2.0.18.
network
low complexity
cozythemes CWE-79
5.4
5.4
2024-10-28 CVE-2024-50575 Cross-site Scripting vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2024.3.47707 reflected XSS was possible in Widget API
network
low complexity
jetbrains CWE-79
6.1
6.1
2024-10-28 CVE-2024-50576 Cross-site Scripting vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via vendor URL in App manifest
network
low complexity
jetbrains CWE-79
5.4
5.4
2024-10-28 CVE-2024-50577 Cross-site Scripting vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via Angular template injection in Hub settings
network
low complexity
jetbrains CWE-79
5.4
5.4
2024-10-28 CVE-2024-50578 Cross-site Scripting vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via sprint value on agile boards page
network
low complexity
jetbrains CWE-79
5.4
5.4
2024-10-28 CVE-2024-50579 Cross-site Scripting vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2024.3.47707 reflected XSS due to insecure link sanitization was possible
network
low complexity
jetbrains CWE-79
6.1
6.1
2024-10-28 CVE-2024-50580 Cross-site Scripting vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2024.3.47707 multiple XSS were possible due to insecure markdown parsing and custom rendering rule
network
low complexity
jetbrains CWE-79
5.4
5.4