• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2020-7934

February 26, 2023 by

In LifeRay Portal CE 7.1.0 through 7.2.1 GA2, the First Name, Middle Name, and Last Name fields for user accounts in MyAccountPortlet are all vulnerable to a persistent XSS issue. Any user can modify these fields with a particular XSS payload, and it will be stored in the database. The payload will then be rendered when a user utilizes the search feature to search for other users (i.e., if a user with modified fields occurs in the search results). This issue was fixed in Liferay Portal CE version 7.3.0 GA1.

CVE-2020-7937

February 26, 2023 by

An XSS issue in the title field in Plone 5.0 through 5.2.1 allows users with a certain privilege level to insert JavaScript that will be executed when other users access the site.

CVE-2020-7910

February 26, 2023 by

JetBrains TeamCity before 2019.2 was vulnerable to a stored XSS attack by a user with the developer role.

CVE-2020-7911

February 26, 2023 by

In JetBrains TeamCity before 2019.2, several user-level pages were vulnerable to XSS.

CVE-2020-7913

February 26, 2023 by

JetBrains YouTrack 2019.2 before 2019.2.59309 was vulnerable to XSS via an issue description.

CVE-2020-7915

February 26, 2023 by

An issue was discovered on Eaton 5P 850 devices. The Ubicacion SAI field allows XSS attacks by an administrator.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 602
  • Go to page 603
  • Go to page 604
  • Go to page 605
  • Go to page 606
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE