• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2022-29894

February 23, 2023 by godfreyd94

Strapi v3.x.x versions and earlier contain a stored cross-site scripting vulnerability in file upload function. By exploiting this vulnerability, an arbitrary script may be executed on the web browser of the user who is logging in to the product with the administrative privilege.

CVE-2022-29907

February 23, 2023 by godfreyd94

The Nimbus skin for MediaWiki through 1.37.2 (before 6f9c8fb868345701d9544a54d9752515aace39df) allows XSS in Advertise link messages.

CVE-2022-29770

February 23, 2023 by godfreyd94

XXL-Job v2.3.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via /xxl-job-admin/jobinfo.

CVE-2022-29811

February 23, 2023 by godfreyd94

In JetBrains Hub before 2022.1.14638 stored XSS via project icon was possible.

CVE-2022-29817

February 23, 2023 by godfreyd94

In JetBrains IntelliJ IDEA before 2022.1 reflected XSS via error messages in internal web server was possible

CVE-2022-2983

February 23, 2023 by godfreyd94

The Salat Times WordPress plugin before 3.2.2 does not sanitize and escapes its settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 1958
  • Go to page 1959
  • Go to page 1960
  • Go to page 1961
  • Go to page 1962
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE