Search Results (46374 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-44581 | 1 Vercel | 1 Next.js | 2026-05-18 | 4.7 Medium |
| Next.js is a React framework for building full-stack web applications. From 13.4.0 up to, but not including, 15.5.16 on the 15.x line and 16.2.5 on the 16.x line, App Router applications that rely on CSP nonces can be vulnerable to stored cross-site scripting when deployed behind shared caches. In affected versions, malformed nonce values derived from request headers could be reflected into rendered HTML in an unsafe way, allowing an attacker to poison cached responses and cause script execution for later visitors. This vulnerability is fixed in 15.5.16 and 16.2.5. | ||||
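The Next.js entry above describes two conditions that have to coincide: a nonce taken from a request header is reflected into markup without being checked, and the resulting page is stored by a shared cache. The following is an added illustration of the generic checks a server can apply at that point; it is not Next.js code and not the project's fix. The header values, the `extractNonce`/`isValidNonce`/`renderScriptTag*` helpers and the `countScriptTags` probe are all constructed for this example.

```javascript
// Added example, not Next.js code: generic handling for a CSP nonce that a
// server takes from a request header and reflects into rendered HTML.
// The header values below are constructed for the demonstration.

// Pull the nonce out of a Content-Security-Policy header value.
function extractNonce(cspHeader) {
  const m = /'nonce-([^']*)'/.exec(cspHeader || '');
  return m ? m[1] : null;
}

// A well-formed nonce is a base64 value (standard or URL-safe alphabet) and,
// to be unguessable, carries at least 128 bits, i.e. 22 or more characters.
function isValidNonce(nonce) {
  return typeof nonce === 'string' && /^[A-Za-z0-9+\/\-_]{22,}={0,2}$/.test(nonce);
}

// Unsafe: reflects whatever the header contained into an attribute value.
function renderScriptTagUnsafe(nonce) {
  return '<script nonce="' + nonce + '">window.__app_ok = 1;</script>';
}

// Safe: a malformed nonce never reaches the HTML; fail the render instead.
function renderScriptTagSafe(nonce) {
  if (!isValidNonce(nonce)) throw new Error('rejecting malformed CSP nonce');
  return '<script nonce="' + nonce + '">window.__app_ok = 1;</script>';
}

// Any response whose body depends on a per-request header must not be
// retained by a shared cache, or one poisoned render is served to everyone.
function cacheHeadersForNonceResponse() {
  return { 'Cache-Control': 'private, no-store' };
}

// How many <script> start tags the markup contains; a correct render has one.
function countScriptTags(html) {
  return (html.match(/<script\b/gi) || []).length;
}

// Constructed inputs: a header that smuggles markup inside the nonce slot,
// and a well-formed one carrying a 24-character base64 value.
const MALFORMED_CSP = "script-src 'nonce-x\"><script>alert(1)</script><b x=\"'";
const WELL_FORMED_CSP = "script-src 'nonce-rAnd0mBase64Nonce0123456'";

function nonceDemo() {
  const bad = extractNonce(MALFORMED_CSP);
  const good = extractNonce(WELL_FORMED_CSP);
  let safeRejected = false;
  try { renderScriptTagSafe(bad); } catch (e) { safeRejected = true; }
  return {
    malformedAccepted: isValidNonce(bad),                       // false
    unsafeScriptTags: countScriptTags(renderScriptTagUnsafe(bad)), // 2: breakout
    safeRejected,                                               // true
    goodScriptTags: countScriptTags(renderScriptTagSafe(good)), // 1
    cacheHeaders: cacheHeadersForNonceResponse(),
  };
}

console.log(JSON.stringify(nonceDemo(), null, 2));
```

The two halves are independent defences: validating the nonce stops the reflection, and `Cache-Control: private, no-store` stops a single bad render from being replayed to later visitors even if some other per-request value is ever reflected.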
| CVE-2021-47957 | 2 Cookielawinfo, Wordpress | 2 Cookie Law Bar, Wordpress | 2026-05-18 | 6.4 Medium |
| Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the Bar Message field. Attackers can inject script payloads through the plugin settings page that execute in the browsers of all WordPress users viewing the site, enabling cookie theft and sensitive data exfiltration. | ||||
| CVE-2021-47934 | 1 Mybb | 1 Mybb | 2026-05-18 | 5.3 Medium |
| MyBB Timeline Plugin 1.0 contains cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through thread titles, post content, and user profile fields like Location and Bio. Attackers can also exploit a cross-site request forgery vulnerability in the timeline.php profile action to change a user's cover picture by crafting malicious forms that execute when victims visit affected profiles. | ||||
| CVE-2026-3220 | 4 Autoptimize, Clearfy Cache, Speed Optimizer and 1 more | 4 Autoptimize, Clearfy Cache, Speed Optimizer and 1 more | 2026-05-18 | 8.8 High |
| The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin before 2.4.2, and Speed Optimizer WordPress plugin before 7.7.9 are vulnerable to unauthenticated Stored Cross-Site Scripting (XSS) due to a predictable replacement hash used during the HTML minification process and a regular expression that can be abused. This allows an attacker to inject arbitrary HTML attributes in the final HTML output by anticipating the placeholder format. | ||||
| CVE-2026-7498 | 1 Basamak | 1 Dernekweb | 2026-05-18 | 8.8 High |
| Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Basamak Information Technology Consulting and Organization Trade Ltd. Co. DernekWeb allows Stored XSS. This issue affects DernekWeb: through 30122025. | ||||
| CVE-2026-8656 | 1 Benjamine | 1 Jsondiffpatch | 2026-05-18 | 6.1 Medium |
| Versions of the package jsondiffpatch before 0.7.6 are vulnerable to Cross-site Scripting (XSS) via the annotated formatter due to improper sanitization of JSON values and property names. If an application compares untrusted JSON/object data and renders annotated formatter output in the DOM, attacker-controlled HTML can be interpreted by the browser, resulting in XSS. | ||||
| CVE-2020-37236 | 1 Netartmedia | 1 News Lister | 2026-05-18 | 6.4 Medium |
| NewsLister contains an authenticated persistent cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through the title parameter in the news addition interface. Attackers can inject JavaScript payloads via the title field in the admin panel that execute when news items are viewed by other users. | ||||
| CVE-2020-37235 | 2 Themeftc, Wordpress | 2 Theme Wibar, Wordpress | 2026-05-18 | 6.4 Medium |
| WordPress Theme Wibar 1.1.8 contains a stored cross-site scripting vulnerability in the Brand component that allows authenticated users to inject malicious scripts by manipulating the Logo URL parameter. Attackers with editor, administrator, contributor, or author privileges can inject base64-encoded script payloads through the ftc_brand_url input field to execute arbitrary JavaScript when users visit the brand page. | ||||
| CVE-2026-8740 | 2 Publiccms, Sanluan | 2 Publiccms, Publiccms | 2026-05-18 | 6.3 Medium |
| A flaw has been found in Sanluan PublicCMS 5.202506.d. The impacted element is the function execute of the file publiccms-core/src/main/java/com/publiccms/views/directive/tools/TemplateResultDirective.java of the component templateResult API. Manipulation of the argument templateContent causes improper neutralization of special elements used in a template engine. The attack can be carried out remotely. A public exploit exists and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2021-4195 | 1 Firmanet | 1 Customer Relation Manager | 2026-05-18 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Firmanet Software and Technology Customer Relation Manager allows XSS Targeting HTML Attributes. This issue affects Customer Relation Manager: before 2022.03.13. | ||||
| CVE-2021-45479 | 1 Yordam | 1 Library Automation System | 2026-05-18 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation vulnerability in Yordam Information Technologies Library Automation System allows Stored XSS. This issue affects Library Automation System: before 19.2. | ||||
| CVE-2021-45476 | 1 Yordam | 1 Library Automation System | 2026-05-18 | 4.7 Medium |
| Yordam Library Information Document Automation product before version 19.02 has an unauthenticated reflected XSS vulnerability. | ||||
| CVE-2021-44197 | 1 Ubit | 1 Student Information Management System | 2026-05-18 | 6.1 Medium |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in UBIT Information Technologies Student Information Management System. This issue affects Student Information Management System: before 20211126. | ||||
| CVE-2021-44196 | 1 Ubit | 1 Student Information Management System | 2026-05-18 | 6.1 Medium |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in UBIT Information Technologies Student Information Management System. This issue affects Student Information Management System: before 20211126. | ||||
| CVE-2018-25331 | 1 Zenar | 1 Zenar Content Management System | 2026-05-18 | 6.1 Medium |
| Zenar Content Management System contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating form parameters in POST requests. Attackers can inject script tags through the current_page parameter sent to the ajax.php endpoint, which reflects unsanitized user input in the response HTML to execute arbitrary JavaScript in victim browsers. | ||||
| CVE-2026-3604 | 2 Kcseopro, Wordpress | 2 Wp Seo Structured Data Schema, Wordpress | 2026-05-17 | 4.9 Medium |
| The WP SEO Structured Data Schema plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `_kcseo_ative_tab` parameter in all versions up to, and including, 2.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2026-42948 | 1 Elecom | 4 Wab-be187-m, Wab-be36-m, Wab-be36-s and 1 more | 2026-05-17 | N/A |
| Stored cross-site scripting vulnerability exists in ELECOM wireless LAN access point devices. If an administrator enters malicious data, an arbitrary script may be executed in another administrative user's web browser. | ||||
| CVE-2026-44429 | 2 Lfprojects, Modelcontextprotocol | 2 Mcp Registry, Registry | 2026-05-17 | 5.4 Medium |
| The MCP Registry provides MCP clients with a list of MCP servers, like an app store for MCP servers. Prior to 1.7.7, the public catalogue UI served at GET / (file internal/api/handlers/v0/ui_index.html) is vulnerable to stored cross-site scripting via the server.websiteUrl field of any published server.json. Server-side validation in internal/validators/validators.go (validateWebsiteURL) only checks that the URL parses, is absolute, and uses the https scheme; it does not reject quote characters. Client-side, the value is interpolated into a double-quoted href attribute via innerHTML, using a homegrown escapeHtml helper that performs the standard textContent → innerHTML round-trip. Per the HTML serialisation algorithm, that round-trip encodes only &, <, > and U+00A0 inside text nodes — it does not encode " or '. A literal " in websiteUrl therefore breaks out of the href attribute, allowing arbitrary on* event handlers to be appended to the same <a> element. The Content-Security-Policy on / is script-src 'self' 'unsafe-inline' https://cdn.tailwindcss.com, so the injected event handlers execute. Any user able to obtain a publish token (e.g. via POST /v0/auth/github-at with their own GitHub account, or POST /v0/auth/none on a deployment that has anonymous auth enabled) can plant a poisoned record visible to every visitor of the registry homepage. This vulnerability is fixed in 1.7.7. | ||||
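The MCP Registry entry above is unusually precise about the mechanism: a text-node escaper that leaves quotes alone is used for a value that lands inside a quoted attribute. The block below is an added example, not the registry's own code, that models that failure in plain JavaScript so it runs without a DOM: `escapeHtmlLikeTextNode` reproduces what the textContent to innerHTML round-trip yields (only `&`, U+00A0, `<` and `>` encoded), `weakValidateWebsiteUrl` mirrors the three checks the description attributes to `validateWebsiteURL`, and `attributeNames` tokenises the rendered start tag the way a browser would so the breakout is visible as a second attribute. The poisoned and benign URLs, and the `strictValidateWebsiteUrl` and `escapeAttr` hardening, are assumptions for the example.

```javascript
// Added example, not the MCP Registry's own code. It models the escaping
// flaw described above in plain JavaScript so that it runs without a DOM.
// All inputs below are constructed for the demonstration.

// Emulates the textContent -> innerHTML round-trip: the HTML serialisation
// algorithm escapes only &, U+00A0, < and > inside a text node.
function escapeHtmlLikeTextNode(s) {
  return String(s)
    .replace(/&/g, '&amp;')
    .replace(/\u00a0/g, '&nbsp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;');
}

// Escaping that is safe inside a double- or single-quoted attribute value:
// the serialiser's attribute mode also encodes ", and ' is encoded as well.
function escapeAttr(s) {
  return escapeHtmlLikeTextNode(s).replace(/"/g, '&quot;').replace(/'/g, '&#39;');
}

// Server-side check mirroring the one the description attributes to
// validateWebsiteURL: parses, is absolute, scheme is https. Nothing else.
function weakValidateWebsiteUrl(u) {
  let parsed;
  try { parsed = new URL(u); } catch (e) { return false; }
  return parsed.protocol === 'https:';
}

// Hardened check: also reject characters that can end an attribute value or
// start a tag, which a legitimate website URL never needs unencoded.
function strictValidateWebsiteUrl(u) {
  return weakValidateWebsiteUrl(u) && !/["'<>\s]/.test(u);
}

// The catalogue row: websiteUrl lands inside a double-quoted href.
function renderLink(websiteUrl, escapeFn) {
  return '<a href="' + escapeFn(websiteUrl) + '">website</a>';
}

// Tokenise the attributes of the first start tag the way a browser would,
// honouring quoted values, to see what the markup actually contains.
function attributeNames(html) {
  const names = [];
  let i = html.indexOf(' ') + 1;                           // skip "<a"
  while (i < html.length && html[i] !== '>') {
    while (i < html.length && /\s/.test(html[i])) i++;
    let name = '';
    while (i < html.length && !/[\s=>]/.test(html[i])) name += html[i++];
    if (name) names.push(name.toLowerCase());
    while (i < html.length && /\s/.test(html[i])) i++;
    if (html[i] === '=') {
      i++;
      while (i < html.length && /\s/.test(html[i])) i++;
      const q = html[i];
      if (q === '"' || q === "'") {
        i++;
        while (i < html.length && html[i] !== q) i++;       // quoted value
        i++;                                                // closing quote
      } else {
        while (i < html.length && !/[\s>]/.test(html[i])) i++; // unquoted value
      }
    }
  }
  return names;
}

// Constructed poisoned value: the URL parser accepts it (the " and the space
// are merely percent-encoded in the parsed form), so the weak check passes
// while the raw string, not the parsed form, is what gets stored and rendered.
const POISONED_URL = 'https://example.com/" onmouseover="alert(1)';
const BENIGN_URL = 'https://example.com/docs';

function registryDemo() {
  return {
    weakAcceptsPoisoned: weakValidateWebsiteUrl(POISONED_URL),     // true
    strictAcceptsPoisoned: strictValidateWebsiteUrl(POISONED_URL), // false
    vulnerableAttrs: attributeNames(renderLink(POISONED_URL, escapeHtmlLikeTextNode)), // ["href","onmouseover"]
    hardenedAttrs: attributeNames(renderLink(POISONED_URL, escapeAttr)),              // ["href"]
    benignAttrs: attributeNames(renderLink(BENIGN_URL, escapeAttr)),                  // ["href"]
  };
}

console.log(JSON.stringify(registryDemo(), null, 2));
```

The practical lesson is the one the description spells out: a text-context escaper is not an attribute-context escaper, and a CSP that allows `'unsafe-inline'` turns an attribute breakout into code execution. Either of the two fixes above (rejecting quotes at validation time, or encoding them at render time) closes this instance; doing both leaves no single point of failure.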
| CVE-2026-44371 | 1 Osc | 1 Open Ondemand | 2026-05-17 | N/A |
| Open OnDemand is an open-source high-performance computing portal. Prior to 4.0.11, 4.1.5, and 4.2.2, specially crafted filenames can execute JavaScript in the file browser. This vulnerability is fixed in 4.0.11, 4.1.5, and 4.2.2. | ||||
| CVE-2026-42897 | 1 Microsoft | 7 Exchange Server, Exchange Server 2016, Exchange Server 2019 and 4 more | 2026-05-17 | 8.1 High |
| Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network. | ||||