• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-8948

February 26, 2023 by

In MISP before 2.4.89, app/View/Events/resolved_attributes.ctp has multiple XSS issues via a malicious MISP module.

CVE-2018-8957

February 26, 2023 by

CoverCMS v1.1.6 has XSS via the fourth input box to index.php, related to admina/mconfigs.inc.php.

CVE-2018-8899

February 26, 2023 by

IdentityServer IdentityServer4 1.x before 1.5.3 and 2.x before 2.1.3 does not encode the redirect URI on the authorization response page, which might lead to XSS in some configurations.

CVE-2018-8900

February 26, 2023 by

The License Manager service of HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE 7.80 allows remote attackers to inject malicious web script in the logs page of Admin Control Center (ACC) for cross-site scripting (XSS) vulnerability.

CVE-2018-8903

February 26, 2023 by

Open-AudIT Professional 2.1 allows XSS via the Name or Description field on the Credentials screen.

CVE-2018-8906

February 26, 2023 by

dsmall v20180320 has XSS via a crafted street address to public/index.php/home/memberaddress/index.html, which is mishandled at public/index.php/home/memberaddress/edit/address_id/2.html.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 236
  • Go to page 237
  • Go to page 238
  • Go to page 239
  • Go to page 240
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE