• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2022-24620

February 23, 2023 by godfreyd94

Piwigo version 12.2.0 is vulnerable to stored cross-site scripting (XSS), which can lead to privilege escalation. In this way, admin can steal webmaster’s cookies to get the webmaster’s access.

CVE-2022-24643

February 23, 2023 by godfreyd94

A stored cross-site scripting (XSS) issue was discovered in the OpenEMR Hospital Information Management System version 6.0.0.

CVE-2022-24654

February 23, 2023 by godfreyd94

Authenticated stored cross-site scripting (XSS) vulnerability in “Field Server Address” field in INTELBRAS ATA 200 Firmware 74.19.10.21 allows attackers to inject JavaScript code through a crafted payload.

CVE-2022-24656

February 23, 2023 by godfreyd94

HexoEditor 1.1.8 is affected by Cross Site Scripting (XSS). By putting a common XSS payload in a markdown file, if opened with the app, will execute several times.

CVE-2022-24681

February 23, 2023 by godfreyd94

Zoho ManageEngine ADSelfService Plus before 6121 allows XSS via the welcome name attribute to the Reset Password, Unlock Account, or User Must Change Password screen.

CVE-2022-24682

February 23, 2023 by godfreyd94

An issue was discovered in the Calendar feature in Zimbra Collaboration Suite 8.8.x before 8.8.15 patch 30 (update 1), as exploited in the wild starting in December 2021. An attacker could place HTML containing executable JavaScript inside element attributes. This markup becomes unescaped, causing arbitrary markup to be injected into the document.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 2036
  • Go to page 2037
  • Go to page 2038
  • Go to page 2039
  • Go to page 2040
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE