• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-20816

February 26, 2023 by

An XSS combined with CSRF vulnerability discovered in SalesAgility SuiteCRM 7.x before 7.8.24 and 7.10.x before 7.10.11 leads to cookie stealing, aka session hijacking. This issue affects the “add dashboard pages” feature where users can receive a malicious attack through a phished URL, with script executed.

CVE-2018-20824

February 26, 2023 by

The WallboardServlet resource in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the cyclePeriod parameter.

CVE-2018-20827

February 26, 2023 by

The activity stream gadget in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the country parameter.

CVE-2018-20837

February 26, 2023 by

include/admin/Menu/Ajax.php in Typesetter 5.1 has index.php/Admin/Menu/Ajax?cmd=AddHidden title XSS.

CVE-2018-20758

February 26, 2023 by

MODX Revolution through v2.7.0-pl allows XSS via User Settings such as Description.

CVE-2018-20774

February 26, 2023 by

Frog CMS 0.9.5 has XSS via the admin/?/layout/edit/1 Body field.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 317
  • Go to page 318
  • Go to page 319
  • Go to page 320
  • Go to page 321
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE