U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
There are 229,202 matching records.
Displaying matches 261 through 280.
Vuln ID Summary CVSS Severity
CVE-2024-29768

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Astra allows Stored XSS.This issue affects Astra: from n/a through 4.6.4.

Published: March 27, 2024; 9:15:47 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-29767

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wobbie.Nl Doneren met Mollie allows Reflected XSS.This issue affects Doneren met Mollie: from n/a through 2.10.2.

Published: March 27, 2024; 9:15:47 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-29766

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StreamWeasels StreamWeasels Twitch Integration allows Stored XSS.This issue affects StreamWeasels Twitch Integration: from n/a through 1.7.5.

Published: March 27, 2024; 9:15:47 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-28784

IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 285893.

Published: March 27, 2024; 9:15:47 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-27270

IBM WebSphere Application Server Liberty 23.0.0.3 through 24.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in a specially crafted URI. IBM X-Force ID: 284576.

Published: March 27, 2024; 9:15:47 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-27091

GeoNode is a geospatial content management system, a platform for the management and publication of geospatial data. An issue exists within GEONODE where the current rich text editor is vulnerable to Stored XSS. The applications cookies are set securely, but it is possible to retrieve a victims CSRF token and issue a request to change another user's email address to perform a full account takeover. Due to the script element not impacting the CORS policy, requests will succeed. This vulnerability is fixed in 4.2.3.

Published: March 27, 2024; 9:15:47 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-6400

Incorrect Authorization vulnerability in OpenText™ ZENworks Configuration Management (ZCM) allows Unauthorized Use of Device Resources.This issue affects ZENworks Configuration Management (ZCM) versions: 2020 update 3, 23.3, and 23.4.

Published: March 27, 2024; 9:15:46 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-6153

Authentication Bypass by Primary Weakness vulnerability in TeoSOFT Software TeoBASE allows Authentication Bypass.This issue affects TeoBASE: through 20240327. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Published: March 27, 2024; 9:15:46 AM -0400
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2023-50961

IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 275939.

Published: March 27, 2024; 9:15:46 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30186

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BdThemes Prime Slider – Addons For Elementor allows Stored XSS.This issue affects Prime Slider – Addons For Elementor: from n/a through 3.13.1.

Published: March 27, 2024; 8:15:14 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30185

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BdThemes Element Pack Elementor Addons allows Stored XSS.This issue affects Element Pack Elementor Addons: from n/a through 5.5.3.

Published: March 27, 2024; 8:15:13 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30184

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Looking Forward Software Incorporated. Popup Builder allows Stored XSS.This issue affects Popup Builder: from n/a through 4.2.6.

Published: March 27, 2024; 8:15:13 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30183

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Livemesh Livemesh Addons for WPBakery Page Builder allows Stored XSS.This issue affects Livemesh Addons for WPBakery Page Builder: from n/a through 3.7.

Published: March 27, 2024; 8:15:12 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30182

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes HT Mega allows Stored XSS.This issue affects HT Mega: from n/a through 2.4.3.

Published: March 27, 2024; 8:15:12 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30181

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Plainware Locatoraid Store Locator allows Stored XSS.This issue affects Locatoraid Store Locator: from n/a through 3.9.30.

Published: March 27, 2024; 8:15:11 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30180

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Easy Social Feed allows Stored XSS.This issue affects Easy Social Feed: from n/a through 6.5.3.

Published: March 27, 2024; 8:15:11 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30179

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through 4.7.6.

Published: March 27, 2024; 8:15:10 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-29818

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Poll Maker & Voting Plugin Team (InfoTheme) WP Poll Maker allows Stored XSS.This issue affects WP Poll Maker: from n/a through 3.1.

Published: March 27, 2024; 8:15:10 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-29817

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SERVIT Software Solutions affiliate-toolkit allows Stored XSS.This issue affects affiliate-toolkit: from n/a through 3.4.5.

Published: March 27, 2024; 8:15:09 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-29816

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in htdat Woo Viet allows Stored XSS.This issue affects Woo Viet: from n/a through 1.5.2.

Published: March 27, 2024; 8:15:09 AM -0400
V3.x:(not available)
V2.0:(not available)