• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2022-31663

February 23, 2023 by godfreyd94

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a reflected cross-site scripting (XSS) vulnerability. Due to improper user input sanitization, a malicious actor with some user interaction may be able to inject javascript code in the target user’s window.

CVE-2022-31470

February 23, 2023 by godfreyd94

An XSS vulnerability in the index_mobile_changepass.hsp reset-password section of Axigen Mobile WebMail before 10.2.3.12 and 10.3.x before 10.3.3.47 allows attackers to run arbitrary Javascript code that, using an active end-user session (for a logged-in user), can access and retrieve mailbox content.

CVE-2022-3148

February 23, 2023 by godfreyd94

Cross-site Scripting (XSS) – Generic in GitHub repository jgraph/drawio prior to 20.3.0.

CVE-2022-3149

February 23, 2023 by godfreyd94

The WP Custom Cursors WordPress plugin before 3.0.1 does not have CSRF check in place when creating and editing cursors, which could allow attackers to made a logged in admin perform such actions via CSRF attacks. Furthermore, due to the lack of sanitisation and escaping in some of the cursor options, it could also lead to Stored Cross-Site Scripting

CVE-2022-31492

February 23, 2023 by godfreyd94

Cross Site scripting (XSS) vulnerability inLibreHealth EHR Base 2.0.0 via interface/usergroup/usergroup_admin_add.php Username.

CVE-2022-31493

February 23, 2023 by godfreyd94

LibreHealth EHR Base 2.0.0 allows gacl/admin/acl_admin.php acl_id XSS.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 1929
  • Go to page 1930
  • Go to page 1931
  • Go to page 1932
  • Go to page 1933
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE