• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2021-23225

February 23, 2023 by

Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary web script or HTML in the “new_username” field during creation of a new user via “Copy” method at user_admin.php.

CVE-2021-23228

February 23, 2023 by

DIAEnergie Version 1.7.5 and prior is vulnerable to a reflected cross-site scripting attack through error pages that are returned by “.NET Request.QueryString”.

CVE-2021-23260

February 23, 2023 by

Authenticated users with Site roles may inject XSS scripts via file names that will execute in the browser for this and other users of the same site.

CVE-2021-23271

February 23, 2023 by

The TIBCO EBX Web Server component of TIBCO Software Inc.’s TIBCO EBX contains a vulnerability that theoretically allows a low privileged attacker with network access to execute a Stored Cross Site Scripting (XSS) attack on the affected system. Affected releases are TIBCO Software Inc.’s TIBCO EBX: versions 5.9.12 and below.

CVE-2021-23124

February 23, 2023 by

An issue was discovered in Joomla! 3.9.0 through 3.9.23. The lack of escaping in mod_breadcrumbs aria-label attribute allows XSS attacks.

CVE-2021-23125

February 23, 2023 by

An issue was discovered in Joomla! 3.1.0 through 3.9.23. The lack of escaping of image-related parameters in multiple com_tags views cause lead to XSS attack vectors.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 1638
  • Go to page 1639
  • Go to page 1640
  • Go to page 1641
  • Go to page 1642
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE