Total
21765 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-19599 | 1 Monstra | 1 Monstra Cms | 2020-06-24 | 3.5 LOW | 5.4 MEDIUM |
| Monstra CMS 1.6 allows XSS via an uploaded SVG document to the admin/index.php?id=filesmanager&path=uploads/ URI. NOTE: this is a discontinued product. | |||||
| CVE-2015-7916 | 1 Sauter-controls | 1 Moduweb Vision | 2020-06-24 | 3.5 LOW | 6.5 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted query. | |||||
| CVE-2020-14926 | 1 Cmsmadesimple | 1 Cms Made Simple | 2020-06-24 | 3.5 LOW | 5.4 MEDIUM |
| CMS Made Simple 2.2.14 allows XSS via a Search Term to the admin/moduleinterface.php?mact=ModuleManager page. | |||||
| CVE-2020-14927 | 1 Naviwebs | 1 Navigate Cms | 2020-06-24 | 3.5 LOW | 4.8 MEDIUM |
| Navigate CMS 2.9 allows XSS via the Alias or Real URL field of the "Web Sites > Create > Aliases > Add" screen. | |||||
| CVE-2020-4295 | 1 Ibm | 2 Doors Next, Rational Doors Next Generation | 2020-06-24 | 3.5 LOW | 5.4 MEDIUM |
| IBM DOORS Next Generation (DNG/RRC) 6.0.2, 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 176408. | |||||
| CVE-2020-4297 | 1 Ibm | 2 Doors Next, Rational Doors Next Generation | 2020-06-24 | 3.5 LOW | 5.4 MEDIUM |
| IBM DOORS Next Generation (DNG/RRC) 6.0.2, 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 176474. | |||||
| CVE-2020-4281 | 1 Ibm | 2 Doors Next, Rational Doors Next Generation | 2020-06-24 | 3.5 LOW | 5.4 MEDIUM |
| IBM DOORS Next Generation (DNG/RRC) 6.0.2, 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 176141. | |||||
| CVE-2020-14408 | 1 Agentejo | 1 Cockpit | 2020-06-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in Agentejo Cockpit 0.10.2. Insufficient sanitization of the to parameter in the /auth/login route allows for injection of arbitrary JavaScript code into a web page's content, creating a Reflected XSS attack vector. | |||||
| CVE-2011-3610 | 1 S9y | 1 Serendipity Event Freetag | 2020-06-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| A Cross-site Scripting (XSS) vulnerability exists in the Serendipity freetag plugin before 3.30 in the tagcloud parameter to plugins/serendipity_event_freetag/tagcloud.swf. | |||||
| CVE-2008-0751 | 2 Microsoft, S9y | 2 Internet Explorer, Serendipity Event Freetag | 2020-06-23 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Freetag before 2.96 plugin for S9Y Serendipity, when using Internet Explorer 6 or 7, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to plugin/tag/. | |||||
| CVE-2019-1003042 | 1 Jenkins | 1 Lockable Resources | 2020-06-23 | 3.5 LOW | 5.4 MEDIUM |
| A cross site scripting vulnerability in Jenkins Lockable Resources Plugin 2.4 and earlier allows attackers able to control resource names to inject arbitrary JavaScript in web pages rendered by the plugin. | |||||
| CVE-2019-12461 | 1 Webport | 1 Web Port | 2020-06-22 | 4.3 MEDIUM | 6.1 MEDIUM |
| Web Port 1.19.1 allows XSS via the /log type parameter. | |||||
| CVE-2019-12460 | 1 Webport | 1 Web Port | 2020-06-22 | 4.3 MEDIUM | 6.1 MEDIUM |
| Web Port 1.19.1 allows XSS via the /access/setup type parameter. | |||||
| CVE-2020-4052 | 1 Requarks | 1 Wiki.js | 2020-06-22 | 4.3 MEDIUM | 6.1 MEDIUM |
| In Wiki.js before 2.4.107, there is a stored cross-site scripting through template injection. This vulnerability exists due to an insecure validation mechanism intended to insert v-pre tags into rendered HTML elements which contain curly-braces. By creating a crafted wiki page, a malicious Wiki.js user may stage a stored cross-site scripting attack. This allows the attacker to execute malicious JavaScript when the page is viewed by other users. This has been patched in 2.4.107. | |||||
| CVE-2020-9522 | 1 Microfocus | 1 Arcsight Enterprise Security Manager Express | 2020-06-19 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Enterprise Security Manager (ESM) product, Affecting versions 7.0.x, 7.2 and 7.2.1 . The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure. | |||||
| CVE-2020-13652 | 1 Digdash | 1 Digdash | 2020-06-19 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in DigDash 2018R2 before p20200528, 2019R1 before p20200528, 2019R2 before p20200430, and 2020R1 before p20200507. A cross-site scripting (XSS) vulnerability exists in the login menu. | |||||
| CVE-2020-11838 | 1 Microfocus | 1 Arcsight Management Center | 2020-06-19 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure. | |||||
| CVE-2020-14462 | 1 Mitre | 1 Caldera | 2020-06-19 | 3.5 LOW | 5.4 MEDIUM |
| CALDERA 2.7.0 allows XSS via the Operation Name box. | |||||
| CVE-2020-11839 | 1 Microfocus | 1 Arcsight Logger | 2020-06-17 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Logger product, affecting all version from 6.6.1 up to version 7.0.1. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure. | |||||
| CVE-2020-9426 | 1 Open-xchange | 1 Ox Guard | 2020-06-17 | 4.3 MEDIUM | 6.1 MEDIUM |
| OX Guard 2.10.3 and earlier allows XSS. | |||||