• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2022-31400

February 23, 2023 by godfreyd94

A cross-site scripting (XSS) vulnerability in /staff/setup/email-addresses of Helpdeskz v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email name field.

CVE-2022-31402

February 23, 2023 by godfreyd94

ITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via /itop/webservices/export-v2.php.

CVE-2022-31403

February 23, 2023 by godfreyd94

ITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via /itop/pages/ajax.render.php.

CVE-2022-3144

February 23, 2023 by godfreyd94

The Wordfence Security – Firewall & Malware Scan plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 7.6.0 via a setting on the options page due to insufficient escaping on the stored value. This makes it possible for authenticated users, with administrative privileges, to inject malicious web scripts into the setting that executes whenever a user accesses a page displaying the affected setting on sites running a vulnerable version.

CVE-2022-31468

February 23, 2023 by godfreyd94

OX App Suite through 8.2 allows XSS via an attachment or OX Drive content when a client uses the len or off parameter.

CVE-2022-31469

February 23, 2023 by godfreyd94

OX App Suite through 7.10.6 allows XSS via a deep link, as demonstrated by class=”deep-link-app” for a /#!!&app=%2e./ URI.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 1932
  • Go to page 1933
  • Go to page 1934
  • Go to page 1935
  • Go to page 1936
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE