• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2022-26146

February 23, 2023 by godfreyd94

Tricentis qTest before 10.4 allows stored XSS by an authenticated attacker.

CVE-2022-26155

February 23, 2023 by godfreyd94

An issue was discovered in the web application in Cherwell Service Management (CSM) 10.2.3. XSS can occur via a payload in the SAMLResponse parameter of the HTTP request body.

CVE-2022-26088

February 23, 2023 by godfreyd94

An issue was discovered in BMC Remedy before 22.1. Email-based Incident Forwarding allows remote authenticated users to inject HTML (such as an SSRF payload) into the Activity Log by placing it in the To: field. This affects rendering that occurs upon a click in the “number of recipients” field. NOTE: the vendor’s position is that “no real impact is demonstrated.”

CVE-2022-26101

February 23, 2023 by godfreyd94

Fiori launchpad – versions 754, 755, 756, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

CVE-2022-26105

February 23, 2023 by godfreyd94

SAP NetWeaver Enterprise Portal – versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the user inputs while interacting on the Network. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.

CVE-2022-25929

February 23, 2023 by godfreyd94

The package smoothie from 1.31.0 and before 1.36.1 are vulnerable to Cross-site Scripting (XSS) due to improper user input sanitization in strokeStyle and tooltipLabel properties. Exploiting this vulnerability is possible when the user can control these properties.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 2013
  • Go to page 2014
  • Go to page 2015
  • Go to page 2016
  • Go to page 2017
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE