VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-11-20
CVE-2024-11404
Unrestricted Upload of File with Dangerous Type, Improper Input Validation, Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in django CMS Association django Filer allows Input Data Manipulation, Stored XSS.This issue affects django Filer: from 3 before 3.3.
network
low complexity
CWE-80
5.5
5.5
2024-11-18
CVE-2020-26067
A vulnerability in the web-based interface of Cisco Webex Teams could allow an authenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper validation of usernames.
network
low complexity
CWE-80
5.4
5.4
2024-11-16
CVE-2024-10592
The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the popup class parameter in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-80
6.4
6.4
2024-11-15
CVE-2022-20654
A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based interface of Cisco Webex Meetings.
network
low complexity
CWE-80
6.1
6.1
2024-11-13
CVE-2024-10038
The WP-Strava plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.12.1 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-80
6.1
6.1
2024-11-08
CVE-2024-10621
The Simple Shortcode for Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's pw_map shortcode in all versions up to, and including, 1.5.4 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-80
6.4
6.4
2024-10-29
CVE-2024-9438
The SEUR Oficial plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'change_service' parameter in all versions up to, and including, 2.2.11 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-80
6.1
6.1
2024-10-07
CVE-2024-47782
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Miraheze Wikidiscover 20240208
WikiDiscover is an extension designed for use with a CreateWiki managed farm to display wikis.
network
low complexity
miraheze
CWE-80
5.4
5.4
2024-10-04
CVE-2024-47765
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Jgniecki Minecraft Motd Parser
Minecraft MOTD Parser is a PHP library to parse minecraft server motd.
network
low complexity
jgniecki
CWE-80
6.1
6.1
2024-06-13
CVE-2024-36395
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Verint Workforce Optimization 15.2.918.262
Verint - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
network
low complexity
verint
CWE-80
6.1
6.1
«
1
(current)
2
3
4
»
Next