Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-22 | CVE-2024-48707 | Cross-site Scripting vulnerability in O-Dyn Collabtive 3.1 Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the name parameter under (a) action=add or action=edit within managemilestone.php file and (b) action=addpro within admin.php file. | 5.4 |
| 2024-10-22 | CVE-2024-48708 | Cross-site Scripting vulnerability in O-Dyn Collabtive 3.1 Collabtive 3.1 is vulnerable to Cross-Site Scripting (XSS) via the name parameter in (a) file tasklist.php under action = add/edit and in (b) file admin.php under action = adduser/edituser. | 5.4 |
| 2024-10-22 | CVE-2024-49210 | Cross-site Scripting vulnerability in Archerirm Archer Reflected XSS was discovered in an iView List Archer Platform UX page in Archer Platform 6.x before version 2024.09. | 6.1 |
| 2024-10-22 | CVE-2024-49211 | Cross-site Scripting vulnerability in Archerirm Archer Reflected XSS was discovered in a Dashboard Listing Archer Platform UX page in Archer Platform 6.x before version 2024.08. | 6.1 |
| 2024-10-22 | CVE-2022-23861 | Cross-site Scripting vulnerability in Ysoft Safeq 6.0 Multiple Stored Cross-Site Scripting vulnerabilities were discovered in Y Soft SAFEQ 6 Build 53. | 5.4 |
| 2024-10-22 | CVE-2024-46240 | Cross-site Scripting vulnerability in O-Dyn Collabtive 3.1 Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the name parameter under action=system and the company/contact parameters under action=addcust within admin.php file. | 4.8 |
| 2024-10-22 | CVE-2024-47819 | Cross-site Scripting vulnerability in Umbraco CMS Umbraco, a free and open source .NET content management system, has a cross-site scripting vulnerability starting in version 14.0.0 and prior to versions 14.3.1 and 15.0.0. | 8.7 |
| 2024-10-22 | CVE-2024-48927 | Cross-site Scripting vulnerability in Umbraco CMS Umbraco, a free and open source .NET content management system, has a remote code execution issue in versions on the 13.x branch prior to 13.5.2, 10.x prior to 10.8.7, and 8.x prior to 8.18.15. | 4.6 |
| 2024-10-22 | CVE-2024-10234 | Cross-site Scripting vulnerability in Redhat products A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the Wildfly deployment system. | 7.3 |
| 2024-10-22 | CVE-2024-10189 | Cross-site Scripting vulnerability in Jesweb Anchor Episodes Index The Anchor Episodes Index (Spotify for Podcasters) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's anchor_episodes shortcode in all versions up to, and including, 2.1.10 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |