• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2022-32171

February 23, 2023 by godfreyd94

In Zinc, versions v0.1.9 through v0.3.1 are vulnerable to Stored Cross-Site Scripting when using the delete user functionality. When an authenticated user deletes a user having a XSS payload in the user id field, the javascript payload will be executed and allow an attacker to access the user’s credentials.

CVE-2022-32172

February 23, 2023 by godfreyd94

In Zinc, versions v0.1.9 through v0.3.1 are vulnerable to Stored Cross-Site Scripting when using the delete template functionality. When an authenticated user deletes a template with a XSS payload in the name field, the Javascript payload will be executed and allow an attacker to access the user’s credentials.

CVE-2022-32173

February 23, 2023 by godfreyd94

In OrchardCore rc1-11259 to v1.2.2 vulnerable to HTML injection, allow an authenticated user with an editor security role to inject a persistent HTML modal dialog component into the dashboard that will affect admin users.

CVE-2022-32174

February 23, 2023 by godfreyd94

In Gogs, versions v0.6.5 through v0.12.10 are vulnerable to Stored Cross-Site Scripting (XSS) that leads to an account takeover.

CVE-2022-32195

February 23, 2023 by godfreyd94

Open edX platform before 2022-06-06 allows XSS via the “next” parameter in the logout URL.

CVE-2022-3220

February 23, 2023 by godfreyd94

The Advanced Comment Form WordPress plugin before 1.2.1 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 1921
  • Go to page 1922
  • Go to page 1923
  • Go to page 1924
  • Go to page 1925
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE