Total
30485 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-41353 | 1 Phpipam | 1 Phpipam | 2024-08-02 | 7.1 High |
| phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via app\admin\groups\edit-group.php | ||||
| CVE-2024-41356 | 1 Phpipam | 1 Phpipam | 2024-08-02 | 4.7 Medium |
| phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via app\admin\firewall-zones\zones-edit-network.php. | ||||
| CVE-2024-27183 | 1 Dj-extensions | 1 Dj-helpfularticles | 2024-08-02 | 6.1 Medium |
| XSS vulnerability in DJ-HelpfulArticles component for Joomla. | ||||
| CVE-2024-26279 | 1 Joomla | 1 Joomla\! | 2024-08-02 | 6.1 Medium |
| The wrapper extensions do not correctly validate inputs, leading to XSS vectors. | ||||
| CVE-2024-21724 | 2024-08-02 | N/A | ||
| Inadequate input validation for media selection fields lead to XSS vulnerabilities in various extensions. | ||||
| CVE-2024-26278 | 1 Joomla | 1 Joomla\! | 2024-08-02 | 6.1 Medium |
| The Custom Fields component not correctly filter inputs, leading to a XSS vector. | ||||
| CVE-2024-40731 | 1 Netbox | 1 Netbox | 2024-08-02 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/rear-ports/{id}/edit/. | ||||
| CVE-2024-40732 | 1 Netbox | 1 Netbox | 2024-08-02 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/rear-ports/add/. | ||||
| CVE-2024-40734 | 1 Netbox | 1 Netbox | 2024-08-02 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/front-ports/add/. | ||||
| CVE-2024-40605 | 1 Mediawiki | 1 Mediawiki | 2024-08-02 | 4.8 Medium |
| An issue was discovered in the Foreground skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries. | ||||
| CVE-2024-40741 | 1 Netbox | 1 Netbox | 2024-08-02 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the circuit ID parameter at /circuits/circuits/{id}/edit/. | ||||
| CVE-2024-40738 | 1 Netbox | 1 Netbox | 2024-08-02 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-ports/{id}/edit/. | ||||
| CVE-2024-40730 | 1 Netbox | 1 Netbox | 2024-08-02 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/interfaces/{id}/edit/. | ||||
| CVE-2024-40728 | 1 Netbox | 1 Netbox | 2024-08-02 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-server-ports/{id}/edit/. | ||||
| CVE-2024-40740 | 1 Netbox | 1 Netbox | 2024-08-02 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-feeds/{id}/edit/. | ||||
| CVE-2024-40727 | 1 Netbox | 1 Netbox | 2024-08-02 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-server-ports/add/. | ||||
| CVE-2024-40602 | 1 Mediawiki | 1 Mediawiki | 2024-08-02 | 4.8 Medium |
| An issue was discovered in the Tempo skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries. | ||||
| CVE-2024-40626 | 1 Getoutline | 1 Outline | 2024-08-02 | 7.3 High |
| Outline is an open source, collaborative document editor. A type confusion issue was found in ProseMirror’s rendering process that leads to a Stored Cross-Site Scripting (XSS) vulnerability in Outline. An authenticated user can create a document containing a malicious JavaScript payload. When other users view this document, the malicious Javascript can execute in the origin of Outline. Outline includes CSP rules to prevent third-party code execution, however in the case of self-hosting and having your file storage on the same domain as Outline a malicious payload can be uploaded as a file attachment and bypass those CSP restrictions. This issue has been addressed in release version 0.77.3. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2024-40736 | 1 Netbox | 1 Netbox | 2024-08-02 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-outlets/add. | ||||
| CVE-2024-40742 | 1 Netbox | 1 Netbox | 2024-08-02 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the circuit ID parameter at /circuits/circuits/add. | ||||