Total
27423 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-35631 | 2024-06-03 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Foliovision FV Flowplayer Video Player allows Reflected XSS.This issue affects FV Flowplayer Video Player: from n/a through 7.5.45.7212. | |||||
| CVE-2024-34767 | 2024-06-03 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HasThemes ShopLentor allows Stored XSS.This issue affects ShopLentor: from n/a through 2.8.7. | |||||
| CVE-2024-35639 | 2024-06-03 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Webliberty Simple Spoiler allows Stored XSS.This issue affects Simple Spoiler: from n/a through 1.2. | |||||
| CVE-2024-34385 | 2024-06-03 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in YITH YITH WooCommerce Wishlist allows Stored XSS.This issue affects YITH WooCommerce Wishlist: from n/a through 3.32.0. | |||||
| CVE-2024-35645 | 2024-06-03 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in vinoth06 Random Banner allows Stored XSS.This issue affects Random Banner: from n/a through 4.2.8. | |||||
| CVE-2024-34789 | 2024-06-03 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Hait Post Grid Elementor Addon allows Stored XSS.This issue affects Post Grid Elementor Addon: from n/a through 2.0.16. | |||||
| CVE-2024-34000 | 2024-06-03 | N/A | N/A | ||
| ID numbers displayed in the lesson overview report required additional sanitizing to prevent a stored XSS risk. | |||||
| CVE-2024-34790 | 2024-06-03 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hans van Eijsden,niwreg ImageMagick Sharpen Resized Images allows Stored XSS.This issue affects ImageMagick Sharpen Resized Images: from n/a through 1.1.7. | |||||
| CVE-2024-36392 | 2024-06-03 | N/A | 6.1 MEDIUM | ||
| MileSight DeviceHub - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2024-33997 | 2024-06-03 | N/A | N/A | ||
| Additional sanitizing was required when opening the equation editor to prevent a stored XSS risk when editing another user's equation. | |||||
| CVE-2024-35647 | 2024-06-03 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Global Notification Bar allows Stored XSS.This issue affects Global Notification Bar: from n/a through 1.0.1. | |||||
| CVE-2024-31889 | 2024-05-31 | N/A | 5.4 MEDIUM | ||
| IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 288136. | |||||
| CVE-2024-31907 | 2024-05-31 | N/A | 5.4 MEDIUM | ||
| IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 289889. | |||||
| CVE-2024-31908 | 2024-05-31 | N/A | 6.4 MEDIUM | ||
| IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 289890. | |||||
| CVE-2024-36372 | 2024-05-31 | N/A | 4.6 MEDIUM | ||
| In JetBrains TeamCity before 2023.05.6 reflected XSS on the subscriptions page was possible | |||||
| CVE-2024-36371 | 2024-05-31 | N/A | 4.6 MEDIUM | ||
| In JetBrains TeamCity before 2023.05.6, 2023.11.5 stored XSS in Commit status publisher was possible | |||||
| CVE-2024-36370 | 2024-05-31 | N/A | 4.6 MEDIUM | ||
| In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via OAuth connection settings was possible | |||||
| CVE-2024-36369 | 2024-05-31 | N/A | 4.6 MEDIUM | ||
| In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via issue tracker integration was possible | |||||
| CVE-2024-36368 | 2024-05-31 | N/A | 4.6 MEDIUM | ||
| In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 reflected XSS via OAuth provider configuration was possible | |||||
| CVE-2024-36367 | 2024-05-31 | N/A | 4.6 MEDIUM | ||
| In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via third-party reports was possible | |||||