CVE Vulnerability

CWE-79

CVE-2022-26331

by

Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions.

CVE-2022-26332

by

Cipi 3.1.15 allows Add Server stored XSS via the /api/servers name field.

CVE-2022-2635

by

The Autoptimize WordPress plugin before 3.1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

CVE-2022-26197

by

Joget DX 7 was discovered to contain a cross-site scripting (XSS) vulnerability via the Datalist table.

CVE-2022-26244

by

A stored cross-site scripting (XSS) vulnerability in Hospital Patient Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the “special” field.

CVE-2022-26246

by

TMS v2.28.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /TMS/admin/setting/mail/createorupdate.