Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-12 | CVE-2024-6702 | Cross-site Scripting vulnerability in Pega Infinity Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an HTML Injection issue with Stage. | 4.8 |
| 2024-09-12 | CVE-2021-22503 | Cross-site Scripting vulnerability in Microfocus Edirectory Possible Improper Neutralization of Input During Web Page Generation Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.3.0000. | 6.1 |
| 2024-09-12 | CVE-2021-38131 | Cross-site Scripting vulnerability in Microfocus Edirectory Possible Cross-Site Scripting (XSS) Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.5.0000. | 6.1 |
| 2024-09-12 | CVE-2024-45856 | Cross-site Scripting vulnerability in Mindsdb A cross-site scripting (XSS) vulnerability exists in all versions of the MindsDB platform, enabling the execution of a JavaScript payload whenever a user enumerates an ML Engine, database, project, or dataset containing arbitrary JavaScript code within the web UI. | 5.4 |
| 2024-09-12 | CVE-2024-8750 | Cross-site Scripting vulnerability in I-Doit 28 Cross-site Scripting (XSS) vulnerability in idoit pro version 28. | 6.1 |
| 2024-09-12 | CVE-2024-2010 | Cross-site Scripting vulnerability in Tebilisim V5 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in TE Informatics V5 allows Reflected XSS.This issue affects V5: before 6.2. | 6.1 |
| 2024-09-12 | CVE-2024-8622 | Cross-site Scripting vulnerability in Amcharts Amcharts: Charts and Maps The amCharts: Charts and Maps plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'amcharts_javascript' parameter in all versions up to, and including, 1.4.4 due to the ability to supply arbitrary JavaScript a lack of nonce validation on the preview functionality. | 6.1 |
| 2024-09-12 | CVE-2024-5799 | Cross-site Scripting vulnerability in Cminds CM Popup The CM Pop-Up Banners for WordPress plugin before 1.7.3 does not sanitise and escape some of its popup fields, which could allow high privilege users such as Contributors to perform Cross-Site Scripting attacks. | 4.8 |
| 2024-09-12 | CVE-2024-6018 | Cross-site Scripting vulnerability in Scriptonite Music Request Manager The Music Request Manager WordPress plugin through 1.3 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers | 6.1 |
| 2024-09-12 | CVE-2024-6019 | Cross-site Scripting vulnerability in Scriptonite Music Request Manager The Music Request Manager WordPress plugin through 1.3 does not sanitise and escape incoming music requests, which could allow unauthenticated users to perform Cross-Site Scripting attacks against administrators | 6.1 |