U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): xss
  • Search Type: Search All
There are 21,124 matching records.
Displaying matches 521 through 540.
Vuln ID Summary CVSS Severity
CVE-2022-23543

Silverware Games is a social network where people can play games online. Users can attach URLs to YouTube videos, the site will generate related `<iframe>` when the post will be published. The handler has some sort of protection so non-YouTube links can't be posted, as well as HTML tags are being stripped. However, it was still possible to add custom HTML attributes (e.g. `onclick=alert("xss")`) to the `<iframe>'. This issue was fixed in the version `1.1.34` and does not require any extra actions from our members. There has been no evidence that this vulnerability was used by anyone at this time.

Published: December 19, 2022; 5:15:10 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-4615

Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.2.

Published: December 19, 2022; 3:15:13 PM -0500
V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2022-4614

Cross-site Scripting (XSS) - Stored in GitHub repository alagrede/znote-app prior to 1.7.11.

Published: December 19, 2022; 3:15:13 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-44474

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

Published: December 19, 2022; 3:15:13 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-44471

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

Published: December 19, 2022; 3:15:13 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-44470

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

Published: December 19, 2022; 3:15:13 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-44467

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

Published: December 19, 2022; 3:15:13 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-44466

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

Published: December 19, 2022; 3:15:13 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-44465

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

Published: December 19, 2022; 3:15:13 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-44463

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

Published: December 19, 2022; 3:15:13 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-42365

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

Published: December 19, 2022; 3:15:12 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-42364

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

Published: December 19, 2022; 3:15:12 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-42362

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

Published: December 19, 2022; 3:15:12 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-42357

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

Published: December 19, 2022; 3:15:12 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-42356

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

Published: December 19, 2022; 3:15:12 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-42354

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

Published: December 19, 2022; 3:15:12 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-42352

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

Published: December 19, 2022; 3:15:12 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-42350

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

Published: December 19, 2022; 3:15:12 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-42349

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

Published: December 19, 2022; 3:15:12 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-42348

Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

Published: December 19, 2022; 3:15:12 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)