• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2022-31301

February 23, 2023 by godfreyd94

Haraj v3.7 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Post Ads component.

CVE-2022-31302

February 23, 2023 by godfreyd94

maccms8 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Server Group text field.

CVE-2022-31303

February 23, 2023 by godfreyd94

maccms10 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Server Group text field.

CVE-2022-3132

February 23, 2023 by godfreyd94

The Goolytics WordPress plugin before 1.1.2 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

CVE-2022-31187

February 23, 2023 by godfreyd94

GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. Affected versions were found to not properly neutralize HTML tags in the global search context. Users are advised to upgrade to version 10.0.3 to resolve this issue. Users unable to upgrade should disable global search.

CVE-2022-31191

February 23, 2023 by godfreyd94

DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI spellcheck “Did you mean” HTML escapes the data-spell attribute in the link, but not the actual displayed text. Similarly, the JSPUI autocomplete HTML does not properly escape text passed to it. Both are vulnerable to XSS. This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds for this issue.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 1934
  • Go to page 1935
  • Go to page 1936
  • Go to page 1937
  • Go to page 1938
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE