Export limit exceeded: 45472 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45472 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-1607 | 1 Juniper | 44 Ex2300, Ex2300-c, Ex3400 and 41 more | 2024-11-21 | 7.5 High |
| Insufficient Cross-Site Scripting (XSS) protection in J-Web may potentially allow a remote attacker to inject web script or HTML, hijack the target user's J-Web session and perform administrative actions on the Junos device as the targeted user. This issue affects Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S15; 12.3X48 versions prior to 12.3X48-D86, 12.3X48-D90 on SRX Series; 14.1X53 versions prior to 14.1X53-D51 on EX and QFX Series; 15.1F6 versions prior to 15.1F6-S13; 15.1 versions prior to 15.1R7-S5; 15.1X49 versions prior to 15.1X49-D181, 15.1X49-D190 on SRX Series; 15.1X53 versions prior to 15.1X53-D238 on QFX5200/QFX5110 Series; 15.1X53 versions prior to 15.1X53-D592 on EX2300/EX3400 Series; 16.1 versions prior to 16.1R4-S13, 16.1R7-S5; 16.2 versions prior to 16.2R2-S10; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R1-S9, 17.2R3-S2; 17.3 versions prior to 17.3R2-S5, 17.3R3-S5; 17.4 versions prior to 17.4R2-S6, 17.4R3; 18.1 versions prior to 18.1R3-S7; 18.2 versions prior to 18.2R2-S5, 18.2R3; 18.3 versions prior to 18.3R1-S6, 18.3R2-S1, 18.3R3; 18.4 versions prior to 18.4R1-S5, 18.4R2; 19.1 versions prior to 19.1R1-S2, 19.1R2. | ||||
| CVE-2020-1442 | 1 Microsoft | 2 Office Online Server, Office Web Apps | 2024-11-21 | 6.1 Medium |
| A spoofing vulnerability exists when an Office Web Apps server does not properly sanitize a specially crafted request, aka 'Office Web Apps XSS Vulnerability'. | ||||
| CVE-2020-1340 | 1 Microsoft | 1 Nugetgallery | 2024-11-21 | 5.4 Medium |
| A spoofing vulnerability exists when the NuGetGallery does not properly sanitize input on package metadata values, aka 'NuGetGallery Spoofing Vulnerability'. | ||||
| CVE-2020-1327 | 1 Microsoft | 1 Azure Devops Server | 2024-11-21 | 6.1 Medium |
| A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnerability'. | ||||
| CVE-2020-1326 | 1 Microsoft | 1 Azure Devops Server | 2024-11-21 | 5.4 Medium |
| A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'. | ||||
| CVE-2020-1289 | 1 Microsoft | 1 Sharepoint Foundation | 2024-11-21 | 5.4 Medium |
| A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1148. | ||||
| CVE-2020-1148 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2024-11-21 | 5.4 Medium |
| A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1289. | ||||
| CVE-2020-1107 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 5.4 Medium |
| A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1104, CVE-2020-1105. | ||||
| CVE-2020-1105 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2024-11-21 | 5.4 Medium |
| A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1104, CVE-2020-1107. | ||||
| CVE-2020-1104 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 5.4 Medium |
| A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1105, CVE-2020-1107. | ||||
| CVE-2020-1063 | 1 Microsoft | 1 Dynamics 365 | 2024-11-21 | 5.4 Medium |
| A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'. | ||||
| CVE-2020-1050 | 1 Microsoft | 1 Dynamics 365 Server | 2024-11-21 | 6.1 Medium |
| A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'. This CVE ID is unique from CVE-2020-1049. | ||||
| CVE-2020-1049 | 1 Microsoft | 1 Dynamics 365 Server | 2024-11-21 | 5.4 Medium |
| A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'. This CVE ID is unique from CVE-2020-1050. | ||||
| CVE-2020-19962 | 1 Chaoji Cms Project | 1 Chaoji Cms | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the getClientIp function in /lib/tinwin.class.php of Chaoji CMS 2.39, allows attackers to execute arbitrary web scripts. | ||||
| CVE-2020-19952 | 1 Jbt | 1 Live \(github-flavored\) Markdown Editor | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in Rendering Engine in jbt Markdown Editor thru commit 2252418c27dffbb35147acd8ed324822b8919477, allows remote attackers to execute arbirary code via crafted payload or opening malicious .md file. | ||||
| CVE-2020-19950 | 1 Yzmcms | 1 Yzmcms | 2024-11-21 | 4.8 Medium |
| A cross-site scripting (XSS) vulnerability in the /banner/add.html component of YzmCMS v5.3 allows attackers to execute arbitrary web scripts or HTML. | ||||
| CVE-2020-19949 | 1 Yzmcms | 1 Yzmcms | 2024-11-21 | 4.8 Medium |
| A cross-site scripting (XSS) vulnerability in the /link/add.html component of YzmCMS v5.3 allows attackers to execute arbitrary web scripts or HTML. | ||||
| CVE-2020-19924 | 1 Issuehunt | 1 Boostnote | 2024-11-21 | 5.4 Medium |
| In Boostnote 0.12.1, exporting to PDF contains opportunities for XSS attacks. | ||||
| CVE-2020-19915 | 1 Wuzhicms | 1 Wuzhicms | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS vulnerability exists in WUZHI CMS 4.1.0 via the mailbox username in index.php. | ||||
| CVE-2020-19914 | 1 Xiuno | 1 Xiunobbs | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) in xiunobbs 4.0.4 allows remote attackers to execute arbitrary web script or HTML via the attachment upload function. | ||||