Page 2 of 7937 results (0.025 seconds)

CVSS: 9.0EPSS: 0%CPEs: -EXPL: 0

06 Feb 2025 — A cross-site scripting (xss) vulnerability exists in the dataset upload functionality of ClearML Enterprise Server 3.22.5-1533. • https://talosintelligence.com/vulnerability_reports/TALOS-2024-2110 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.8EPSS: 0%CPEs: -EXPL: 0

06 Feb 2025 — Cross Site Scripting vulnerability in DouPHP v.1.8 Release 20231203 allows attackers to execute arbitrary code via a crafted payload injected into the description parameter in /admin/article.php • https://github.com/Arykon/cve/blob/main/douphp.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: -EXPL: 1

06 Feb 2025 — Cross Site Scripting vulnerability in Gilnei Moraes phpABook v.0.9 allows a remote attacker to execute arbitrary code via the rol parameter in index.php • https://github.com/Exek1el/CVE-2024-48589 •

CVSS: 5.5EPSS: 0%CPEs: -EXPL: 0

05 Feb 2025 — IBM ApplinX 11.1 is vulnerable to cross-site scripting. • https://www.ibm.com/support/pages/node/7182522 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.5EPSS: 0%CPEs: -EXPL: 0

05 Feb 2025 — IBM ApplinX 11.1 is vulnerable to cross-site scripting. • https://www.ibm.com/support/pages/node/7182522 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.4EPSS: 0%CPEs: -EXPL: 0

05 Feb 2025 — IBM ApplinX 11.1 is vulnerable to cross-site scripting. • https://www.ibm.com/support/pages/node/7182522 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

05 Feb 2025 — IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to stored cross-site scripting. ... IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to stored cross-site scripting. • https://www.ibm.com/support/pages/node/7182490 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0

05 Feb 2025 — IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to HTML injection. ... IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to HTML injection. • https://www.ibm.com/support/pages/node/7182490 • CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •

CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0

05 Feb 2025 — IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to cross-site scripting. ... IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to cross-site scripting. • https://www.ibm.com/support/pages/node/7182490 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0

05 Feb 2025 — A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. This vulnerability is due to an incomplete fix for CVE-2024-31156 https://my.f5.com/manage/s/article/K000138636 . • https://my.f5.com/manage/s/article/K000140578 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •