• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2022-25191

February 23, 2023 by godfreyd94

Jenkins Agent Server Parameter Plugin 1.0 and earlier does not escape parameter names of agent server parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

CVE-2022-25202

February 23, 2023 by godfreyd94

Jenkins Promoted Builds (Simple) Plugin 1.9 and earlier does not escape the name of custom promotion levels, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission.

CVE-2022-25069

February 23, 2023 by godfreyd94

Mark Text v0.16.3 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability which allows attackers to perform remote code execution (RCE) via injecting a crafted payload into /lib/contentState/pasteCtrl.js.

CVE-2022-2510

February 23, 2023 by godfreyd94

Cross-site Scripting (XSS) vulnerability in “Extension:ExtendedSearch” of Hallo Welt! GmbH BlueSpice allows attacker to inject arbitrary HTML (XSS) on page “Special:SearchCenter”, using the search term in the URL.

CVE-2022-2511

February 23, 2023 by godfreyd94

Cross-site Scripting (XSS) vulnerability in the “commonuserinterface” component of BlueSpice allows an attacker to inject arbitrary HTML into a page using the title parameter of the call URL.

CVE-2022-25114

February 23, 2023 by godfreyd94

Event Management v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the full_name parameter under register.php.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 2028
  • Go to page 2029
  • Go to page 2030
  • Go to page 2031
  • Go to page 2032
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE