Search Results (47000 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-43828 1 Intelliants 1 Subrion 2024-11-21 5.4 Medium
A Cross-site scripting (XSS) vulnerability in /panel/languages/ of Subrion v4.2.1 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into 'Title' parameter.
CVE-2023-43797 1 Bigbluebutton 1 Bigbluebutton 2024-11-21 6.3 Medium
BigBlueButton is an open-source virtual classroom. Prior to versions 2.6.11 and 2.7.0-beta.3, Guest Lobby was vulnerable to cross-site scripting when users wait to enter the meeting due to inserting unsanitized messages to the element using unsafe innerHTML. Text sanitizing was added for lobby messages starting in versions 2.6.11 and 2.7.0-beta.3. There are no known workarounds.
CVE-2023-43763 1 Withsecure 1 F-secure Policy Manager 2024-11-21 6.1 Medium
Certain WithSecure products allow XSS via an unvalidated parameter in the endpoint. This affects WithSecure Policy Manager 15 on Windows and Linux.
CVE-2023-43735 1 Oscommerce 1 Oscommerce 2024-11-21 5.4 Medium
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "formats_titles[7]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
CVE-2023-43734 1 Oscommerce 1 Oscommerce 2024-11-21 5.4 Medium
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "name" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
CVE-2023-43733 1 Oscommerce 1 Oscommerce 2024-11-21 5.4 Medium
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "company_address" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
CVE-2023-43732 1 Oscommerce 1 Oscommerce 2024-11-21 5.4 Medium
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "tax_class_title" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
CVE-2023-43731 1 Oscommerce 1 Oscommerce 2024-11-21 5.4 Medium
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "zone_name" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
CVE-2023-43730 1 Oscommerce 1 Oscommerce 2024-11-21 5.4 Medium
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "countries_name[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
CVE-2023-43729 1 Oscommerce 1 Oscommerce 2024-11-21 5.4 Medium
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "xsell_type_name[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
CVE-2023-43728 1 Oscommerce 1 Oscommerce 2024-11-21 5.4 Medium
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "stock_delivery_terms_text[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
CVE-2023-43727 1 Oscommerce 1 Oscommerce 2024-11-21 5.4 Medium
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "stock_indication_text[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
CVE-2023-43726 1 Oscommerce 1 Oscommerce 2024-11-21 5.4 Medium
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "orders_products_status_manual_name_long[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
CVE-2023-43725 1 Oscommerce 1 Oscommerce 2024-11-21 5.4 Medium
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "orders_products_status_name_long[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
CVE-2023-43724 1 Oscommerce 1 Oscommerce 2024-11-21 5.4 Medium
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "derb6zmklgtjuhh2cn5chn2qjbm2stgmfa4.oastify.comscription[1][name]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
CVE-2023-43723 1 Oscommerce 1 Oscommerce 2024-11-21 5.4 Medium
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "orders_status_name[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
CVE-2023-43722 1 Oscommerce 1 Oscommerce 2024-11-21 5.4 Medium
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "orders_status_groups_name[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
CVE-2023-43721 1 Oscommerce 1 Oscommerce 2024-11-21 5.4 Medium
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "PACKING_SLIPS_SUMMARY_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
CVE-2023-43720 1 Oscommerce 1 Oscommerce 2024-11-21 5.4 Medium
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "BILLING_GENDER_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
CVE-2023-43719 1 Oscommerce 1 Oscommerce 2024-11-21 5.4 Medium
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "SHIPPING_GENDER_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.