CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-50575
https://notcve.org/view.php?id=CVE-2024-50575
In JetBrains YouTrack before 2024.3.47707 reflected XSS was possible in Widget API • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10433 – Project Worlds Simple Web-Based Chat Application index.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-10433
The manipulation of the argument Name/Comment leads to cross site scripting. ... Durch Beeinflussen des Arguments Name/Comment mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. • https://github.com/jadu101/CVE/blob/main/project_worlds_simple_web_based_chat_app_index_xss.md https://vuldb.com/? • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-10048 – Post Status Notifier Lite and Premium <= 1.11.6 - Reflected Cross-Site Scripting via page
https://notcve.org/view.php?id=CVE-2024-10048
The Post Status Notifier Lite and Premium plugins for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘page’ parameter in all versions up to, and including, 1.11.6 due to insufficient input sanitization and output escaping. ... Los complementos Post Status Notifier Lite y Premium para WordPress son vulnerables a ataques de Cross-Site Scripting reflejado a través del parámetro 'page' en todas las versiones hasta la 1.11.6 incluida, debido a una desinfección de entrada y un escape de salida insuficientes. • source=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10266 – Premium Addons for Elementor <= 4.10.60 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Video Box Widget
https://notcve.org/view.php?id=CVE-2024-10266
The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video Box widget in all versions up to, and including, 4.10.60 due to insufficient input sanitization and output escaping on user supplied attributes. ... El complemento Premium Addons for Elementor para WordPress es vulnerable a Cross-Site Scripting almacenado a través del widget Video Box del complemento en todas las versiones hasta la 4.10.60 incluida, debido a una desinfección de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. • source=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-48195
https://notcve.org/view.php?id=CVE-2024-48195
Cross Site Scripting vulnerability in eyouCMS v.1.6.7 allows a remote attacker to obtain sensitive information via a crafted script to the post parameter. • https://github.com/cyb3res3c/CVE-2024-48195/blob/main/CVE-2024-48195.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •