• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2022-27103

February 23, 2023 by godfreyd94

element-plus 2.0.5 is vulnerable to Cross Site Scripting (XSS) via el-table-column.

CVE-2022-27105

February 23, 2023 by godfreyd94

InMailX Outlook Plugin < 3.22.0101 is vulnerable to Cross Site Scripting (XSS). InMailX Connection names are not sanitzed in the Outlook tab, which allows a local user or network administrator to execute HTML / Javascript in the Outlook of users.

CVE-2022-27107

February 23, 2023 by godfreyd94

OrangeHRM 4.10 is vulnerable to Stored XSS in the “Share Video” section under “OrangeBuzz” via the GET/POST “createVideo[linkAddress]” parameter

CVE-2022-27111

February 23, 2023 by godfreyd94

Jfinal_CMS 5.1.0 allows attackers to use the feedback function to send malicious XSS code to the administrator backend and execute it.

CVE-2022-27125

February 23, 2023 by godfreyd94

zbzcms v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the neirong parameter at /php/ajax.php.

CVE-2022-27156

February 23, 2023 by godfreyd94

Daylight Studio Fuel CMS 1.5.1 is vulnerable to HTML Injection.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 2001
  • Go to page 2002
  • Go to page 2003
  • Go to page 2004
  • Go to page 2005
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE