Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-08	CVE-2024-8572	Cross-site Scripting vulnerability in Gouniverse Golang CMS A vulnerability was found in Gouniverse GoLang CMS 1.4.0. network low complexity gouniverse CWE-79	6.1
2024-09-08	CVE-2024-6859	Cross-site Scripting vulnerability in Ngothang WP Multitasking The WP MultiTasking WordPress plugin through 0.1.12 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks network low complexity ngothang CWE-79	5.4
2024-09-08	CVE-2024-8566	Cross-site Scripting vulnerability in Online Shop Store Project Online Shop Store 1.0 A vulnerability classified as problematic was found in code-projects Online Shop Store 1.0. network low complexity online-shop-store-project CWE-79	6.1
2024-09-07	CVE-2024-8563	Cross-site Scripting vulnerability in Rems PHP Crud 1.0 A vulnerability was found in SourceCodester PHP CRUD 1.0. network low complexity rems CWE-79	6.1
2024-09-07	CVE-2024-8562	Cross-site Scripting vulnerability in Rems PHP Crud 1.0 A vulnerability was found in SourceCodester PHP CRUD 1.0 and classified as problematic. network low complexity rems CWE-79	6.1
2024-09-07	CVE-2024-42020	Cross-site Scripting vulnerability in Veeam ONE 12.0.0.2498/12.0.1.2591 A Cross-site-scripting (XSS) vulnerability exists in the Reporter Widgets that allows HTML injection. network low complexity veeam CWE-79	5.4
2024-09-07	CVE-2024-8554	Cross-site Scripting vulnerability in Oretnom23 Clinic'S Patient Management System 2.0 A vulnerability was found in SourceCodester Clinics Patient Management System 2.0 and classified as problematic. network low complexity oretnom23 CWE-79	5.4
2024-09-07	CVE-2024-1596	Cross-site Scripting vulnerability in Ninjaforms Ninja Forms File Uploads The Ninja Forms - File Uploads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an uploaded file (e.g. network low complexity ninjaforms CWE-79	6.1
2024-09-07	CVE-2024-6849	Cross-site Scripting vulnerability in Wp-Brandtheme Preloader Plus The Preloader Plus – WordPress Loading Screen Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. network low complexity wp-brandtheme CWE-79	5.4
2024-09-06	CVE-2023-50366	Cross-site Scripting vulnerability in Qnap QTS and Quts Hero A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. network low complexity qnap CWE-79	4.8