Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
mailcow: dockerized vulnerable to stored XSS in user login history real_rip
mailcow: dockerized vulnerable to stored XSS in Quarantine attachment filenames
mailcow: dockerized vulnerable to stored XSS in autodiscover logs email address field
Pega Platform versions 8.1.0 through 25.1.1 are affected by an HTML Injection vulnerability in a user interface component. Requires a high privileg...
A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center could have allowed an unauthenticated, remote attacker to conduct ...
XWiki has Reflected Cross-Site Scripting (XSS) in its page history compare functionality
MaxKB: Stored XSS via Unsanitized html_rander Tags in Markdown Rendering
EspoCRM: Stored HTML injection in email notifications about stream notes via unescaped post field
ChurchCRM has an XSS vulnerability
Zammad improperly neutralizes of script-related HTML tags in ticket articles
WordPress tagDiv Composer plugin <= 5.4.3 - Arbitrary Shortcode Execution vulnerability
WordPress Uminex theme <= 1.0.9 - Arbitrary Shortcode Execution vulnerability
WordPress DukaMarket theme <= 1.3.0 - Arbitrary Shortcode Execution vulnerability
WordPress Armania theme <= 1.4.8 - Arbitrary Shortcode Execution vulnerability
WordPress TechOne theme <= 3.0.3 - Arbitrary Shortcode Execution vulnerability
Stored XSS through the dynamic table format in Cargo
Stored XSS through list fields on Cargo's page values and Special:CargoTables
Stored XSS through URLs in Cargo's map format
Reflected XSS the login page through the 'username' parameter
Papra has an HTML Injection in Transactional Emails via Unescaped User Display Name
Showing 1 - 20 of 1,000+ results