• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2022-28586

February 23, 2023 by godfreyd94

XSS in edit page of Hoosk 1.8.0 allows attacker to execute javascript code in user browser via edit page with XSS payload bypass filter some special chars.

CVE-2022-28588

February 23, 2023 by godfreyd94

In SpringBootMovie <=1.2 when adding movie names, malicious code can be stored because there are no filtering parameters, resulting in stored XSS.

CVE-2022-28589

February 23, 2023 by godfreyd94

A stored cross-site scripting (XSS) vulnerability in Pixelimity 1.0 allows attackers to execute arbitrary web scripts or HTML via the Title field in admin/pages.php?action=add_new

CVE-2022-28598

February 23, 2023 by godfreyd94

Frappe ERPNext 12.29.0 is vulnerable to XSS where the software does not neutralize or incorrectly neutralize user-controllable input before it is placed in output that is used as a web page that is served to other users.

CVE-2022-28599

February 23, 2023 by godfreyd94

A stored cross-site scripting (XSS) vulnerability exists in FUEL-CMS 1.5.1 that allows an authenticated user to upload a malicious .pdf file which acts as a stored XSS payload. If this stored XSS payload is triggered by an administrator it will trigger a XSS attack.

CVE-2022-28612

February 23, 2023 by godfreyd94

Improper Access Control vulnerability leading to multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Muneeb’s Custom Popup Builder plugin <= 1.3.1 at WordPress.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 1981
  • Go to page 1982
  • Go to page 1983
  • Go to page 1984
  • Go to page 1985
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE