Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-03-13 | CVE-2018-25090 | An unauthenticated remote attacker can use an XSS attack due to improper neutralization of input during web page generation. | 5.4 |
2024-03-01 | CVE-2023-28525 | Cross-site Scripting vulnerability in IBM products IBM Engineering Requirements Management 9.7.2.7 is vulnerable to cross-site scripting. | 4.8 |
2024-02-22 | CVE-2024-1451 | Cross-site Scripting vulnerability in Gitlab 16.9.0 An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 before 16.9.1. | 8.7 |
2024-02-21 | CVE-2022-45179 | Cross-site Scripting vulnerability in Liveboxcloud Vdesk An issue was discovered in LIVEBOX Collaboration vDesk through v031. | 5.4 |
2024-02-20 | CVE-2024-1647 | Pyhtml2pdf version 0.0.6 allows an external attacker to remotely obtain arbitrary local files. | 7.5 |
2024-02-17 | CVE-2024-25297 | Cross-site Scripting vulnerability in Bludit 3.15.0 Cross Site Scripting (XSS) vulnerability in Bludit CMS version 3.15, allows remote attackers to execute arbitrary code and obtain sensitive information via edit-content.php. | 4.8 |
2024-02-15 | CVE-2023-26206 | Cross-site Scripting vulnerability in Fortinet Fortinac An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiNAC 9.4.0 - 9.4.2, 9.2.0 - 9.2.8, 9.1.0 - 9.1.10 and 7.2.0 allows an attacker to execute unauthorized code or commands via the name fields observed in the policy audit logs. | 6.1 |
2024-02-15 | CVE-2024-20717 | Cross-site Scripting vulnerability in Adobe Commerce 2.4.4/2.4.5/2.4.6 Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. | 5.4 |
2024-02-15 | CVE-2024-20719 | Cross-site Scripting vulnerability in Adobe Commerce 2.4.4/2.4.5/2.4.6 Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into every admin page. | 9.1 |
2024-02-14 | CVE-2024-25300 | Cross-site Scripting vulnerability in Redaxo 5.15.1 A cross-site scripting (XSS) vulnerability in Redaxo v5.15.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter in the Template section. | 4.8 |