• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2022-25138

February 23, 2023 by godfreyd94

Axelor Open Suite v5.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Name parameter.

CVE-2022-2514

February 23, 2023 by godfreyd94

The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the parameters in verbatim.

CVE-2022-2495

February 23, 2023 by godfreyd94

Cross-site Scripting (XSS) – Stored in GitHub repository microweber/microweber prior to 1.2.21.

CVE-2022-24957

February 23, 2023 by godfreyd94

DHC Vision eQMS through 5.4.8.322 has Persistent XSS due to insufficient encoding of untrusted input/output. To exploit the vulnerability, the attacker has to create or edit a new information object and use the XSS payload as the name. Any user that opens the object’s version or history tab will be attacked.

CVE-2022-24967

February 23, 2023 by godfreyd94

Black Rainbow NIMBUS before 3.7.0 allows stored Cross-site Scripting (XSS).

CVE-2022-24981

February 23, 2023 by godfreyd94

A reflected cross-site scripting (XSS) vulnerability in forms generated by JQueryForm.com before 2022-02-05 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter to admin.php.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 2029
  • Go to page 2030
  • Go to page 2031
  • Go to page 2032
  • Go to page 2033
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE