Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-20 | CVE-2024-9031 | Cross-site Scripting vulnerability in Workdo Crmgo Saas A vulnerability, which was classified as problematic, has been found in CodeCanyon CRMGo SaaS up to 7.2. | 5.4 |
| 2024-09-19 | CVE-2024-9007 | Cross-site Scripting vulnerability in Jeanmarc77 123Solar 1.8.4.5 A vulnerability classified as problematic has been found in jeanmarc77 123solar 1.8.4.5. | 5.4 |
| 2024-09-19 | CVE-2024-8652 | Cross-site Scripting vulnerability in Netcat Content Management System A vulnerability in NetCat CMS allows an attacker to execute JavaScript code in a user's browser when they visit specific path on the site. This issue affects NetCat CMS v. | 6.1 |
| 2024-09-19 | CVE-2024-8653 | Cross-site Scripting vulnerability in Netcat Content Management System A vulnerability in NetCat CMS allows an attacker to execute JavaScript code in a user's browser when they visit specific paths on the site. This issue affects NetCat CMS v. | 6.1 |
| 2024-09-19 | CVE-2024-8364 | Cross-site Scripting vulnerability in Webhammer WP Custom Fields Search The WP Custom Fields Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpcfs-preset shortcode in all versions up to, and including, 1.2.35 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-09-19 | CVE-2024-8850 | Cross-site Scripting vulnerability in Ibericode Mailchimp The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'email' parameter when a placeholder such as {email} is used for the field in versions 4.9.9 to 4.9.16 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-09-18 | CVE-2021-27917 | Cross-site Scripting vulnerability in Acquia Mautic Prior to this patch, a stored XSS vulnerability existed in the contact tracking and page hits report. | 5.4 |
| 2024-09-18 | CVE-2024-46372 | Cross-site Scripting vulnerability in Dedecms 5.7.115 DedeCMS 5.7.115 is vulnerable to Cross Site Scripting (XSS) via the advertisement code box in the advertisement management module. | 6.1 |
| 2024-09-18 | CVE-2024-47050 | Cross-site Scripting vulnerability in Acquia Mautic Prior to this patch being applied, Mautic's tracking was vulnerable to Cross-Site Scripting through the Page URL variable. | 6.1 |
| 2024-09-18 | CVE-2024-47058 | Cross-site Scripting vulnerability in Acquia Mautic With access to edit a Mautic form, the attacker can add Cross-Site Scripting stored in the html filed. | 4.8 |