
CVE-2024-52365 – IBM Cloud Pak for Business Automation cross-site scripting
https://notcve.org/view.php?id=CVE-2024-52365
05 Feb 2025 — IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to stored cross-site scripting. ... IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to stored cross-site scripting. • https://www.ibm.com/support/pages/node/7182403 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2024-52364 – IBM Cloud Pak for Business Automation cross-site scripting
https://notcve.org/view.php?id=CVE-2024-52364
05 Feb 2025 — IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to cross-site scripting. ... IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to cross-site scripting. • https://www.ibm.com/support/pages/node/7182403 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2024-54853
https://notcve.org/view.php?id=CVE-2024-54853
05 Feb 2025 — A Stored Cross-Site Scripting (XSS) vulnerability was identified affecting Skybox Change Manager versions 13.2.170 and earlier that allows remote authenticated users to store malicious payloads in the affected field that would then execute in an unsuspecting victim's browser. • https://github.com/KoratSec/CVEs/blob/main/CVE-2024-54853.txt • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2024-55040 – Sensaphone WEB600 Monitoring System Cross Site Scripting
https://notcve.org/view.php?id=CVE-2024-55040
05 Feb 2025 — The Sensaphone WEB600 Monitoring System was found to suffer from multiple persistent cross site scripting vulnerabilities. • https://github.com/tcbutler320/CVE-2024-55040-Sensaphone-XSS •

CVE-2024-57427 – PHPJabbers Cinema Booking System 2.0 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2024-57427
05 Feb 2025 — PHPJabbers Cinema Booking System v2.0 is vulnerable to reflected cross-site scripting (XSS). ... PHPJabbers Cinema Booking System version 2.0 suffers from both reflective and persistent cross site scripting vulnerabilities. • https://github.com/ahrixia/CVE-2024-57427 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2024-57428 – PHPJabbers Cinema Booking System 2.0 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2024-57428
05 Feb 2025 — A stored cross-site scripting (XSS) vulnerability in PHPJabbers Cinema Booking System v2.0 exists due to unsanitized input in file upload fields (event_img, seat_maps) and seat number configurations (number[new_X] in pjActionCreate). ... PHPJabbers Cinema Booking System version 2.0 suffers from both reflective and persistent cross site scripting vulnerabilities. • https://github.com/ahrixia/CVE-2024-57428 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2024-53962 – Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
https://notcve.org/view.php?id=CVE-2024-53962
04 Feb 2025 — Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. • https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2024-53963 – Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)
https://notcve.org/view.php?id=CVE-2024-53963
04 Feb 2025 — Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a low privileged attacker to execute arbitrary code in the context of the victim's browser session. • https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2024-53966 – Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
https://notcve.org/view.php?id=CVE-2024-53966
04 Feb 2025 — Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. • https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2024-53964 – Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
https://notcve.org/view.php?id=CVE-2024-53964
04 Feb 2025 — Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. • https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •