• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2020-5785

February 26, 2023 by

Insufficient output sanitization in Teltonika firmware TRB2_R_00.02.04.3 allows an unauthenticated attacker to conduct reflected cross-site scripting via a crafted ‘action’ or ‘pkg_name’ parameter.

CVE-2020-5728

February 26, 2023 by

OpenMRS 2.9 and prior copies “Referrer” header values into an html element named “redirectUrl” within many webpages (such as login.htm). There is insufficient validation for this parameter, which allows for the possibility of cross-site scripting.

CVE-2020-5729

February 26, 2023 by

In OpenMRS 2.9 and prior, the UI Framework Error Page reflects arbitrary, user-supplied input back to the browser, which can result in XSS. Any page that is able to trigger a UI Framework Error is susceptible to this issue.

CVE-2020-5730

February 26, 2023 by

In OpenMRS 2.9 and prior, the sessionLocation parameter for the login page is vulnerable to cross-site scripting.

CVE-2020-5731

February 26, 2023 by

In OpenMRS 2.9 and prior, the app parameter for the ActiveVisit’s page is vulnerable to cross-site scripting.

CVE-2020-5737

February 26, 2023 by

Stored XSS in Tenable.Sc before 5.14.0 could allow an authenticated remote attacker to craft a request to execute arbitrary script code in a user’s browser session. Updated input validation techniques have been implemented to correct this issue.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 628
  • Go to page 629
  • Go to page 630
  • Go to page 631
  • Go to page 632
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE