Export limit exceeded: 359549 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (46784 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-2528 | 1 Apple | 2 Iphone Os, Safari | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that improperly interacts with cached frames. | ||||
| CVE-2017-11320 | 1 Technicolor | 2 Tc7337, Tc7337 Firmware | 2025-04-20 | N/A |
| Persistent XSS through the SSID of nearby Wi-Fi devices on Technicolor TC7337 routers 08.89.17.20.00 allows an attacker to cause DNS Poisoning and steal credentials from the router. | ||||
| CVE-2017-1132 | 1 Ibm | 1 Sterling B2b Integrator | 2025-04-20 | N/A |
| IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 121418. | ||||
| CVE-2017-2578 | 1 Moodle | 1 Moodle | 2025-04-20 | N/A |
| In Moodle 3.x, there is XSS in the assignment submission page. | ||||
| CVE-2017-11296 | 1 Adobe | 1 Experience Manager | 2025-04-20 | N/A |
| An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. A cross-site scripting vulnerability in Apache Sling Servlets Post 2.3.20 has been resolved in Adobe Experience Manager. | ||||
| CVE-2017-7986 | 1 Joomla | 1 Joomla\! | 2025-04-20 | N/A |
| In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering of specific HTML attributes leads to XSS vulnerabilities in various components. | ||||
| CVE-2017-3155 | 1 Apache | 1 Atlas | 2025-04-20 | N/A |
| Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to cross frame scripting. | ||||
| CVE-2017-11285 | 1 Adobe | 1 Coldfusion | 2025-04-20 | 6.1 Medium |
| Adobe ColdFusion has a cross-site scripting (XSS) vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11. | ||||
| CVE-2017-7985 | 1 Joomla | 1 Joomla\! | 2025-04-20 | N/A |
| In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering of multibyte characters leads to XSS vulnerabilities in various components. | ||||
| CVE-2017-3103 | 1 Adobe | 1 Connect | 2025-04-20 | N/A |
| Adobe Connect versions 9.6.1 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to a stored cross-site scripting attack. | ||||
| CVE-2017-7953 | 1 Infor | 1 Enterprise Asset Management | 2025-04-20 | N/A |
| INFOR EAM V11.0 Build 201410 has XSS via comment fields. | ||||
| CVE-2017-11289 | 1 Adobe | 1 Connect | 2025-04-20 | N/A |
| An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A reflected cross-site scripting vulnerability exists that can result in information disclosure. | ||||
| CVE-2017-3104 | 2 Adobe, Microsoft | 2 Robohelp, Windows | 2025-04-20 | N/A |
| Adobe RoboHelp has a cross-site scripting (XSS) vulnerability. This affects versions before RH12.0.4.460 and RH2017 before RH2017.0.2. | ||||
| CVE-2017-11288 | 1 Adobe | 1 Connect | 2025-04-20 | N/A |
| An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A reflected cross-site scripting vulnerability exists that can result in information disclosure. | ||||
| CVE-2017-11287 | 1 Adobe | 1 Connect | 2025-04-20 | N/A |
| An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A reflected cross-site scripting vulnerability exists that can result in information disclosure. | ||||
| CVE-2017-1128 | 1 Ibm | 2 Rational Doors Next Generation, Rational Requirements Composer | 2025-04-20 | N/A |
| IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2017-1127 | 1 Ibm | 2 Rational Doors Next Generation, Rational Requirements Composer | 2025-04-20 | N/A |
| IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2017-1121 | 1 Ibm | 1 Websphere Application Server | 2025-04-20 | N/A |
| IBM WebSphere Application Server 7.0, 8.0, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1997743 | ||||
| CVE-2017-11195 | 1 Pulsesecure | 1 Pulse Connect Secure | 2025-04-20 | N/A |
| Pulse Connect Secure 8.3R1 has Reflected XSS in launchHelp.cgi. The helpLaunchPage parameter is reflected in an IFRAME element, if the value contains two quotes. It properly sanitizes quotes and tags, so one cannot simply close the src with a quote and inject after that. However, an attacker can use javascript: or data: to abuse this. | ||||
| CVE-2017-11201 | 1 Finecms Project | 1 Finecms | 2025-04-20 | N/A |
| application/core/controller/images.php in FineCMS through 2017-07-12 allows remote authenticated admins to conduct XSS attacks by uploading an image via a route=images action. | ||||