• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-20339

February 26, 2023 by

Zoho ManageEngine OpManager 12.3 before build 123239 allows XSS in the Notes column of the Alarms section.

CVE-2018-20242

February 26, 2023 by

A carefully crafted URL could trigger an XSS vulnerability on Apache JSPWiki, from versions up to 2.10.5, which could lead to session hijacking.

CVE-2018-20244

February 26, 2023 by

In Apache Airflow before 1.10.2, a malicious admin user could edit the state of objects in the Airflow metadata database to execute arbitrary javascript on certain page views.

CVE-2018-20302

February 26, 2023 by

An XSS issue was discovered in Steve Pallen Xain before 0.6.2 via the order parameter.

CVE-2018-20306

February 26, 2023 by

A stored cross-site scripting (XSS) vulnerability in the web administration user interface of Pulse Secure Virtual Traffic Manager may allow a remote authenticated attacker to inject web script or HTML via a crafted website and steal sensitive data and credentials. Affected releases are Pulse Secure Virtual Traffic Manager 9.9 versions prior to 9.9r2 and 10.4r1.

CVE-2018-2021

February 26, 2023 by

IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 155345.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 330
  • Go to page 331
  • Go to page 332
  • Go to page 333
  • Go to page 334
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE