Export limit exceeded: 45594 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45594 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-22528 | 1 Microfocus | 1 Access Manager | 2024-11-21 | 8 High |
| Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 | ||||
| CVE-2021-22522 | 1 Microfocus | 1 Verastream Host Integrator | 2024-11-21 | 7.1 High |
| Reflected Cross-Site Scripting vulnerability in Micro Focus Verastream Host Integrator, affecting version version 7.8 Update 1 and earlier versions. The vulnerability could allow disclosure of confidential data. | ||||
| CVE-2021-22510 | 1 Microfocus | 1 Application Automation Tools | 2024-11-21 | 6.1 Medium |
| Reflected XSS vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects all version 6.7 and earlier versions. | ||||
| CVE-2021-22499 | 1 Microfocus | 1 Application Performance Management | 2024-11-21 | 4.8 Medium |
| Persistent Cross-Site scripting vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow persistent XSS attack. | ||||
| CVE-2021-22410 | 1 Huawei | 2 Imaster Nce-fabric, Imaster Nce-fabric Firmware | 2024-11-21 | 5.4 Medium |
| There is a XSS injection vulnerability in iMaster NCE-Fabric V100R019C10. A module of the client does not verify the input sufficiently. Attackers can exploit this vulnerability by modifying input after logging onto the client. This may compromise the normal service of the client. | ||||
| CVE-2021-22261 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 7.3 High |
| A stored Cross-Site Scripting vulnerability in the Jira integration in all GitLab versions starting from 13.9 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 allows an attacker to execute arbitrary JavaScript code on the victim's behalf via malicious Jira API responses | ||||
| CVE-2021-22260 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 7.7 High |
| A stored Cross-Site Scripting vulnerability in the DataDog integration in all versions of GitLab CE/EE starting from 13.7 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 allows an attacker to execute arbitrary JavaScript code on the victim's behalf | ||||
| CVE-2021-22242 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 8.7 High |
| Insufficient input sanitization in Mermaid markdown in GitLab CE/EE version 11.4 and up allows an attacker to exploit a stored cross-site scripting vulnerability via a specially-crafted markdown | ||||
| CVE-2021-22241 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 8.7 High |
| An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0. It was possible to exploit a stored cross-site-scripting via a specifically crafted default branch name. | ||||
| CVE-2021-22238 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 6.8 Medium |
| An issue has been discovered in GitLab affecting all versions starting with 13.3. GitLab was vulnerable to a stored XSS by using the design feature in issues. | ||||
| CVE-2021-22234 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 9.6 Critical |
| An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.11 before 13.11.7, all versions starting from 13.12 before 13.12.8, and all versions starting from 14.0 before 14.0.4. A specially crafted design image allowed attackers to read arbitrary files on the server. | ||||
| CVE-2021-22227 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 6.1 Medium |
| A reflected cross-site script vulnerability in GitLab before versions 13.11.6, 13.12.6 and 14.0.2 allowed an attacker to send a malicious link to a victim and trigger actions on their behalf if they clicked it | ||||
| CVE-2021-22225 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 4.7 Medium |
| Insufficient input sanitization in markdown in GitLab version 13.11 and up allows an attacker to exploit a stored cross-site scripting vulnerability via a specially-crafted markdown | ||||
| CVE-2021-22223 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 6.1 Medium |
| Client-Side code injection through Feature Flag name in GitLab CE/EE starting with 11.9 allows a specially crafted feature flag name to PUT requests on behalf of other users via clicking on a link | ||||
| CVE-2021-22220 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 6.1 Medium |
| An issue has been discovered in GitLab affecting all versions starting with 13.10. GitLab was vulnerable to a stored XSS in blob viewer of notebooks. | ||||
| CVE-2021-22199 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 3.5 Low |
| An issue has been discovered in GitLab affecting all versions starting with 12.9. GitLab was vulnerable to a stored XSS if scoped labels were used. | ||||
| CVE-2021-22196 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 6.3 Medium |
| An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4. It was possible to exploit a stored cross-site-scripting in merge request via a specifically crafted branch name. | ||||
| CVE-2021-22185 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 5.4 Medium |
| Insufficient input sanitization in wikis in GitLab version 13.8 and up allows an attacker to exploit a stored cross-site scripting vulnerability via a specially-crafted commit to a wiki | ||||
| CVE-2021-22183 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 4.1 Medium |
| An issue has been discovered in GitLab affecting all versions starting with 11.8. GitLab was vulnerable to a stored XSS in the epics page, which could be exploited with user interactions. | ||||
| CVE-2021-22182 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 3.5 Low |
| An issue has been discovered in GitLab affecting all versions starting with 13.7. GitLab was vulnerable to a stored XSS in merge request. | ||||