Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2021-09-15 CVE-2020-19148 Cross Site Scripting (XSS) in Jfinal CMS v4.7.1 and earlier allows remote attackers to execute arbitrary code via the 'Nickname' parameter in the component '/jfinal_cms/front/person/profile.html'.
network
CWE-79
3.5
2021-09-15 CVE-2020-19156 Cross-site Scripting vulnerability in Ari-Soft ARI Adminer 1.0
Cross Site Scripting (XSS) in Ari Adminer v1 allows remote attackers to execute arbitrary code via the 'Title' parameter of the 'Add New Connections' component when the 'save()' function is called.
network
ari-soft CWE-79
3.5
2021-09-15 CVE-2020-19158 Cross-site Scripting vulnerability in S-Cms 20191014
Cross Site Scripting (XSS) in S-CMS build 20191014 and earlier allows remote attackers to execute arbitrary code via the 'Site Title' parameter of the component '/data/admin/#/app/config/'.
network
s-cms CWE-79
3.5
2021-09-14 CVE-2021-21489 Cross-site Scripting vulnerability in SAP Netweaver Enterprise Portal
SAP NetWeaver Enterprise Portal versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user related data, resulting in Stored Cross-Site Scripting (XSS) vulnerability.
network
sap CWE-79
3.5
2021-09-13 CVE-2021-29643 Cross-site Scripting vulnerability in Paessler Prtg Network Monitor
PRTG Network Monitor before 21.3.69.1333 allows stored XSS via an unsanitized string imported from a User Object in a connected Active Directory instance.
network
paessler CWE-79
3.5
2021-09-13 CVE-2021-22528 Cross-site Scripting vulnerability in Microfocus Access Manager 5.0
Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4
network
microfocus CWE-79
3.5
2021-09-13 CVE-2021-40214 Cross-site Scripting vulnerability in Gibbonedu Gibbon 22.0.00
Gibbon v22.0.00 suffers from a stored XSS vulnerability within the wall messages component.
network
gibbonedu CWE-79
3.5
2021-09-09 CVE-2020-19281 Cross-site Scripting vulnerability in Jeesns 1.4.2
A stored cross-site scripting (XSS) vulnerability in the /manage/loginusername component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the username field.
network
jeesns CWE-79
3.5
2021-09-09 CVE-2020-19284 Cross-site Scripting vulnerability in Jeesns 1.4.2
A stored cross-site scripting (XSS) vulnerability in the /group/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the group comments text field.
network
jeesns CWE-79
3.5
2021-09-09 CVE-2020-19285 Cross-site Scripting vulnerability in Jeesns 1.4.2
A stored cross-site scripting (XSS) vulnerability in the /group/apply component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Name text field.
network
jeesns CWE-79
3.5