Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-17	CVE-2024-44049	Cross-site Scripting vulnerability in Themehunk Gutenberg Blocks Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemeHunk Gutenberg Blocks – Unlimited blocks For Gutenberg allows Stored XSS.This issue affects Gutenberg Blocks – Unlimited blocks For Gutenberg: from n/a through 1.2.7. network low complexity themehunk CWE-79	5.4
2024-09-17	CVE-2024-44050	Cross-site Scripting vulnerability in Cryoutcreations Verbosa Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Verbosa allows Stored XSS.This issue affects Verbosa: from n/a through 1.2.3. network low complexity cryoutcreations CWE-79	5.4
2024-09-17	CVE-2024-44051	Cross-site Scripting vulnerability in Vanderwijk Content Blocks Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Johan van der Wijk Content Blocks (Custom Post Widget) allows Stored XSS.This issue affects Content Blocks (Custom Post Widget): from n/a through 3.3.5. network low complexity vanderwijk CWE-79	5.4
2024-09-17	CVE-2024-45451	Cross-site Scripting vulnerability in Cryoutcreations Roseta Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Roseta allows Stored XSS.This issue affects Roseta: from n/a through 1.3.0. network low complexity cryoutcreations CWE-79	5.4
2024-09-17	CVE-2024-45452	Cross-site Scripting vulnerability in Cryoutcreations Septera Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Septera septera allows Stored XSS.This issue affects Septera: from n/a through 1.5.1. network low complexity cryoutcreations CWE-79	5.4
2024-09-17	CVE-2024-46976	Cross-site Scripting vulnerability in Backstage Backstage is an open framework for building developer portals. network low complexity backstage CWE-79	5.4
2024-09-17	CVE-2024-8907	Cross-site Scripting vulnerability in Google Chrome Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (XSS) via a crafted set of UI gestures. network low complexity google CWE-79	6.1
2024-09-17	CVE-2024-8951	Cross-site Scripting vulnerability in Oretnom23 Resort Reservation System 1.0 A vulnerability classified as problematic was found in SourceCodester Resort Reservation System 1.0. network low complexity oretnom23 CWE-79	6.1
2024-09-17	CVE-2024-45803	Cross-site Scripting vulnerability in Wireui Wire UI is a library of components and resources to empower Laravel and Livewire application development. network low complexity wireui CWE-79	6.1
2024-09-17	CVE-2024-8660	Cross-site Scripting vulnerability in Concretecms Concrete CMS Concrete CMS versions 9.0.0 through 9.3.3 are affected by a stored XSS vulnerability in the "Top Navigator Bar" block. Since the "Top Navigator Bar" output was not sufficiently sanitized, a rogue administrator could add a malicious payload that could be executed when targeted users visited the home page.The Concrete CMS Security Team gave this vulnerability a CVSS v4 score of 4.6 with vector CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N . network low complexity concretecms CWE-79	4.8