Total
34046 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-3526 | 1 Phoenixcontact | 14 Cloud Client 1101t-tx, Cloud Client 1101t-tx Firmware, Tc Cloud Client 1002-4g and 11 more | 2025-02-27 | 9.6 Critical |
| In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions prior to 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 an unauthenticated remote attacker could use a reflective XSS within the license viewer page of the devices in order to execute code in the context of the user's browser. | ||||
| CVE-2023-1317 | 1 Enhancesoft | 1 Osticket | 2025-02-27 | 5.4 Medium |
| Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6. | ||||
| CVE-2023-36891 | 1 Microsoft | 1 Sharepoint Server | 2025-02-27 | 8 High |
| Microsoft SharePoint Server Spoofing Vulnerability | ||||
| CVE-2024-12232 | 1 Code-projects | 1 Simple Crud Functionality | 2025-02-27 | 3.5 Low |
| A vulnerability has been found in code-projects Simple CRUD Functionality 1.0 and classified as problematic. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument newtitle/newdescr leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2023-36886 | 1 Microsoft | 1 Dynamics 365 | 2025-02-27 | 7.6 High |
| Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||||
| CVE-2023-38164 | 1 Microsoft | 1 Dynamics 365 | 2025-02-27 | 7.6 High |
| Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||||
| CVE-2023-29306 | 1 Adobe | 1 Connect | 2025-02-27 | 6.1 Medium |
| Adobe Connect versions 12.3 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | ||||
| CVE-2023-29305 | 1 Adobe | 1 Connect | 2025-02-27 | 6.1 Medium |
| Adobe Connect versions 12.3 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | ||||
| CVE-2023-38214 | 1 Adobe | 1 Experience Manager | 2025-02-27 | 5.4 Medium |
| Adobe Experience Manager versions 6.5.17 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | ||||
| CVE-2023-38215 | 1 Adobe | 2 Experience Manager, Experience Manager Cloud Service | 2025-02-27 | 5.4 Medium |
| Adobe Experience Manager versions 6.5.17 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | ||||
| CVE-2023-44315 | 1 Siemens | 1 Sinec Nms | 2025-02-27 | 4.7 Medium |
| A vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application improperly sanitizes certain SNMP configuration data retrieved from monitored devices. An attacker with access to a monitored device could prepare a stored cross-site scripting (XSS) attack that may lead to unintentional modification of application data by legitimate users. | ||||
| CVE-2023-36416 | 1 Microsoft | 1 Dynamics 365 | 2025-02-27 | 6.1 Medium |
| Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||||
| CVE-2023-38219 | 1 Adobe | 2 Commerce, Magento | 2025-02-27 | 8.7 High |
| Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Payload is stored in an admin area, resulting in high confidentiality and integrity impact. | ||||
| CVE-2023-5867 | 1 Phpmyfaq | 1 Phpmyfaq | 2025-02-27 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.2. | ||||
| CVE-2023-5873 | 1 Pimcore | 1 Pimcore | 2025-02-27 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 11.1.0. | ||||
| CVE-2023-5890 | 1 Sfu | 1 Pkp Web Application Library | 2025-02-27 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16. | ||||
| CVE-2023-5892 | 1 Sfu | 1 Pkp Web Application Library | 2025-02-27 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16. | ||||
| CVE-2023-5891 | 1 Sfu | 1 Pkp Web Application Library | 2025-02-27 | 5.4 Medium |
| Cross-site Scripting (XSS) - Reflected in GitHub repository pkp/pkp-lib prior to 3.3.0-16. | ||||
| CVE-2023-5894 | 1 Sfu | 1 Open Journal Systems | 2025-02-27 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository pkp/ojs prior to 3.3.0-16. | ||||
| CVE-2023-5895 | 1 Sfu | 1 Pkp Web Application Library | 2025-02-27 | 5.4 Medium |
| Cross-site Scripting (XSS) - DOM in GitHub repository pkp/pkp-lib prior to 3.3.0-16. | ||||