Total
44191 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-40105 | 1 Concretecms | 1 Concrete Cms | 2024-11-21 | 6.1 Medium |
| An issue was discovered in Concrete CMS through 8.5.5. There is XSS via Markdown Comments. | ||||
| CVE-2021-40100 | 1 Concretecms | 1 Concrete Cms | 2024-11-21 | 5.4 Medium |
| An issue was discovered in Concrete CMS through 8.5.5. Stored XSS can occur in Conversations when the Active Conversation Editor is set to Rich Text. | ||||
| CVE-2021-40096 | 1 Squaredup | 1 Squaredup | 2024-11-21 | 5.4 Medium |
| A cross-site scripting (XSS) vulnerability in integration configuration in SquaredUp for SCOM 5.2.1.6654 allows remote attackers to inject arbitrary web script or HTML via modification of the authorisationUrl in some integration configurations. | ||||
| CVE-2021-40094 | 1 Squaredup | 1 Squaredup | 2024-11-21 | 5.4 Medium |
| A DOM-based XSS vulnerability affects SquaredUp for SCOM 5.2.1.6654. If successfully exploited, this vulnerability may allow attackers to inject malicious code into a user's device. | ||||
| CVE-2021-40093 | 1 Squaredup | 1 Squaredup | 2024-11-21 | 5.4 Medium |
| A cross-site scripting (XSS) vulnerability in integration configuration in SquaredUp for SCOM 5.2.1.6654 allows remote attackers to inject arbitrary web script or HTML via dashboard actions. | ||||
| CVE-2021-40092 | 1 Squaredup | 1 Squaredup | 2024-11-21 | 5.4 Medium |
| A cross-site scripting (XSS) vulnerability in Image Tile in SquaredUp for SCOM 5.2.1.6654 allows remote attackers to inject arbitrary web script or HTML via an SVG file. | ||||
| CVE-2021-40041 | 1 Huawei | 2 Ws318n-21, Ws318n-21 Firmware | 2024-11-21 | 4.2 Medium |
| There is a Cross-Site Scripting(XSS) vulnerability in HUAWEI WS318n product when processing network settings. Due to insufficient validation of user input, a local authenticated attacker could exploit this vulnerability by injecting special characters. Successful exploit could cause certain information disclosure. Affected product versions include: WS318n-21 10.0.2.2, 10.0.2.5 and 10.0.2.6. | ||||
| CVE-2021-3994 | 1 Django-helpdesk Project | 1 Django-helpdesk | 2024-11-21 | 9.6 Critical |
| django-helpdesk is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||||
| CVE-2021-3985 | 1 Kimai | 1 Kimai2 | 2024-11-21 | 9.0 Critical |
| kimai2 is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||||
| CVE-2021-3983 | 1 Kimai2 Project | 1 Kimai2 | 2024-11-21 | 6.1 Medium |
| kimai2 is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||||
| CVE-2021-3977 | 1 Invoiceninja | 1 Invoice Ninja | 2024-11-21 | 5.4 Medium |
| invoiceninja is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||||
| CVE-2021-3961 | 1 Snipeitapp | 1 Snipe-it | 2024-11-21 | 5.4 Medium |
| snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||||
| CVE-2021-3950 | 1 Django-helpdesk Project | 1 Django-helpdesk | 2024-11-21 | 5.4 Medium |
| django-helpdesk is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||||
| CVE-2021-3945 | 1 Django-helpdesk Project | 1 Django-helpdesk | 2024-11-21 | 6.1 Medium |
| django-helpdesk is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||||
| CVE-2021-3938 | 1 Snipeitapp | 1 Snipe-it | 2024-11-21 | 5.4 Medium |
| snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||||
| CVE-2021-3920 | 1 Getgrav | 1 Grav-plugin-admin | 2024-11-21 | 5.4 Medium |
| grav-plugin-admin is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||||
| CVE-2021-3914 | 1 Redhat | 4 Build Of Quarkus, Openshift Application Runtimes, Quarkus and 1 more | 2024-11-21 | 6.1 Medium |
| It was found that the smallrye health metrics UI component did not properly sanitize some user inputs. An attacker could use this flaw to conduct cross-site scripting attacks. | ||||
| CVE-2021-3904 | 1 Getgrav | 1 Grav | 2024-11-21 | 5.4 Medium |
| grav is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||||
| CVE-2021-3879 | 1 Snipeitapp | 1 Snipe-it | 2024-11-21 | 5.4 Medium |
| snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||||
| CVE-2021-3866 | 1 Zulip | 1 Zulip | 2024-11-21 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository zulip/zulip more than and including 44f935695d452cc3fb16845a0c6af710438b153d and prior to 3eb2791c3e9695f7d37ffe84e0c2184fae665cb6. | ||||