Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2024-10-10 CVE-2024-9807 Cross-site Scripting vulnerability in Classroombookings 2.8.7
A vulnerability was found in Craig Rodway Classroombookings 2.8.7 and classified as problematic.
network
low complexity
classroombookings CWE-79
4.8
4.8
2024-10-10 CVE-2024-9805 Cross-site Scripting vulnerability in Code-Projects Blood Bank System 1.0
A vulnerability was found in code-projects Blood Bank System 1.0.
network
low complexity
code-projects CWE-79
5.4
5.4
2024-10-10 CVE-2024-9799 Cross-site Scripting vulnerability in Rems Profile Registration Without Reload/Refresh 1.0
A vulnerability has been found in SourceCodester Profile Registration without Reload Refresh 1.0 and classified as problematic.
network
low complexity
rems CWE-79
6.1
6.1
2024-10-10 CVE-2024-9803 Cross-site Scripting vulnerability in Code-Projects Blood Bank System 1.0
A vulnerability was found in code-projects Blood Bank Management System 1.0.
network
low complexity
code-projects CWE-79
5.4
5.4
2024-10-10 CVE-2024-6530 Cross-site Scripting vulnerability in Gitlab
A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 17.1 prior 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2.
network
low complexity
gitlab CWE-79
5.4
5.4
2024-10-10 CVE-2024-45116 Cross-site Scripting vulnerability in Adobe Commerce and Magento
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code.
network
low complexity
adobe CWE-79
8.1
8.1
2024-10-10 CVE-2024-45123 Cross-site Scripting vulnerability in Adobe Commerce and Magento
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe CWE-79
6.1
6.1
2024-10-10 CVE-2024-45127 Cross-site Scripting vulnerability in Adobe Commerce and Magento
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields.
network
low complexity
adobe CWE-79
4.8
4.8
2024-10-10 CVE-2024-9074 Cross-site Scripting vulnerability in Essamamdani Advanced Blocks PRO
The Advanced Blocks Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping.
network
low complexity
essamamdani CWE-79
5.4
5.4
2024-10-10 CVE-2024-8729 Cross-site Scripting vulnerability in Idiom Easy Social Share Buttons
The Easy Social Share Buttons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.4.5.
network
low complexity
idiom CWE-79
6.1
6.1