• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-6882

February 26, 2023 by

Cross-site scripting (XSS) vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function in Zimbra Collaboration Suite (ZCS) before 8.7 Patch 1 and 8.8.x before 8.8.7 might allow remote attackers to inject arbitrary web script or HTML via a Content-Location header in an email attachment.

CVE-2018-6796

February 26, 2023 by

PHP Scripts Mall Multilanguage Real Estate MLM Script 3.0 has Stored XSS via every profile input field.

CVE-2018-6811

February 26, 2023 by

Multiple cross-site scripting (XSS) vulnerabilities in Citrix NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to inject arbitrary web script or HTML via the Citrix NetScaler interface.

CVE-2018-6824

February 26, 2023 by

Cozy version 2 has XSS allowing remote attackers to obtain administrative access via JavaScript code in the url parameter to the /api/proxy URI, as demonstrated by an XMLHttpRequest call with an ’email:”attacker@example.com”‘ request, which can be followed by a password reset.

CVE-2018-6834

February 26, 2023 by

static/js/pad_utils.js in Etherpad Lite before v1.6.3 has XSS via window.location.href.

CVE-2018-6842

February 26, 2023 by

Kentico 10 before 10.0.50 and 11 before 11.0.3 has XSS in which a crafted URL results in improper construction of a system page.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 266
  • Go to page 267
  • Go to page 268
  • Go to page 269
  • Go to page 270
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE