• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2022-1290

February 23, 2023 by

Stored XSS in “Name”, “Group Name” & “Title” in GitHub repository polonel/trudesk prior to v1.2.0. This allows attackers to execute malicious scripts in the user’s browser and it can lead to session hijacking, sensitive data exposure, and worse.

CVE-2022-1291

February 23, 2023 by

XSS vulnerability with default `onCellHtmlData` function in GitHub repository hhurz/tableexport.jquery.plugin prior to 1.25.0. Transmitting cookies to third-party servers. Sending data from secure sessions to third-party servers

CVE-2022-1293

February 23, 2023 by

The embedded neutralization of Script-Related HTML Tag, was by-passed in the case of some extra conditions.

CVE-2022-1294

February 23, 2023 by

The IMDB info box WordPress plugin through 2.0 does not sanitize and escape some of its settings, which could allow high-privileged users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

CVE-2022-1298

February 23, 2023 by

The Tabs WordPress plugin before 2.2.8 does not sanitise and escape Tab descriptions, which could allow high privileged users with a role as low as editor to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

CVE-2022-1299

February 23, 2023 by

The Slideshow WordPress plugin through 2.3.1 does not sanitize and escape some of its default slideshow settings, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 2125
  • Go to page 2126
  • Go to page 2127
  • Go to page 2128
  • Go to page 2129
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE