• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-5214

February 26, 2023 by

The “Add Link to Facebook” plugin through 2.3 for WordPress has XSS via the al2fb_facebook_id parameter to wp-admin/profile.php.

CVE-2018-5215

February 26, 2023 by

Fork CMS 5.0.7 has XSS in /private/en/pages/edit via the title parameter.

CVE-2018-5216

February 26, 2023 by

Radiant CMS 1.1.4 has XSS via crafted Markdown input in the part_body_content parameter to an admin/pages/*/edit resource.

CVE-2018-5164

February 26, 2023 by

Content Security Policy (CSP) is not applied correctly to all parts of multipart content sent with the “multipart/x-mixed-replace” MIME type. This could allow for script to run where CSP should block it, allowing for cross-site scripting (XSS) and other attacks. This vulnerability affects Firefox < 60.

CVE-2018-5172

February 26, 2023 by

The Live Bookmarks page and the PDF viewer can run injected script content if a user pastes script from the clipboard into them while viewing RSS feeds or PDF files. This could allow a malicious site to socially engineer a user to copy and paste malicious script content that could then run with the context of either page but does not allow for privilege escalation. This vulnerability affects Firefox < 60.

CVE-2018-5175

February 26, 2023 by

A mechanism to bypass Content Security Policy (CSP) protections on sites that have a “script-src” policy of “‘strict-dynamic'”. If a target website contains an HTML injection flaw an attacker could inject a reference to a copy of the “require.js” library that is part of Firefox’s Developer Tools, and then use a known technique using that library to bypass the CSP restrictions on executing injected scripts. This vulnerability affects Firefox < 60.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 291
  • Go to page 292
  • Go to page 293
  • Go to page 294
  • Go to page 295
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE