NVD - Results

Sort results by:

Search Results (Refine Search)

Search Parameters:

Keyword (text search): xss

There are 7,923 matching records.

Displaying matches 4,101 through 4,120.

Vuln ID	Summary	CVSS Severity
CVE-2017-18833	Certain NETGEAR devices are affected by reflected XSS. This affects M4300-28G before 12.0.2.15, M4300-52G before 12.0.2.15, M4300-28G-POE+ before 12.0.2.15, M4300-52G-POE+ before 12.0.2.15, M4300-8X8F before 12.0.2.15, M4300-12X12F before 12.0.2.15, M4300-24X24F before 12.0.2.15, M4300-24X before 12.0.2.15, M4300-48X before 12.0.2.15, and M4200 before 12.0.2.15. Published: April 20, 2020; 1:15:14 PM -0400	V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM
CVE-2017-18832	Certain NETGEAR devices are affected by stored XSS. This affects M4300-28G before 12.0.2.15, M4300-52G before 12.0.2.15, M4300-28G-POE+ before 12.0.2.15, M4300-52G-POE+ before 12.0.2.15, M4300-8X8F before 12.0.2.15, M4300-12X12F before 12.0.2.15, M4300-24X24F before 12.0.2.15, M4300-24X before 12.0.2.15, M4300-48X before 12.0.2.15, and M4200 before 12.0.2.15. Published: April 20, 2020; 1:15:14 PM -0400	V4.0:(not available) V3.1: 4.8 MEDIUM V2.0: 3.5 LOW
CVE-2017-18831	Certain NETGEAR devices are affected by stored XSS. This affects M4300-28G before 12.0.2.15, M4300-52G before 12.0.2.15, M4300-28G-POE+ before 12.0.2.15, M4300-52G-POE+ before 12.0.2.15, M4300-8X8F before 12.0.2.15, M4300-12X12F before 12.0.2.15, M4300-24X24F before 12.0.2.15, M4300-24X before 12.0.2.15, M4300-48X before 12.0.2.15, and M4200 before 12.0.2.15. Published: April 20, 2020; 1:15:14 PM -0400	V4.0:(not available) V3.1: 4.8 MEDIUM V2.0: 3.5 LOW
CVE-2017-18828	Certain NETGEAR devices are affected by stored XSS. This affects M4300-28G before 12.0.2.15, M4300-52G before 12.0.2.15, M4300-28G-POE+ before 12.0.2.15, M4300-52G-POE+ before 12.0.2.15, M4300-8X8F before 12.0.2.15, M4300-12X12F before 12.0.2.15, M4300-24X24F before 12.0.2.15, M4300-24X before 12.0.2.15, M4300-48X before 12.0.2.15, and M4200 before 12.0.2.15. Published: April 20, 2020; 1:15:13 PM -0400	V4.0:(not available) V3.1: 4.8 MEDIUM V2.0: 3.5 LOW
CVE-2017-18827	Certain NETGEAR devices are affected by stored XSS. This affects M4300-28G before 12.0.2.15, M4300-52G before 12.0.2.15, M4300-28G-POE+ before 12.0.2.15, M4300-52G-POE+ before 12.0.2.15, M4300-8X8F before 12.0.2.15, M4300-12X12F before 12.0.2.15, M4300-24X24F before 12.0.2.15, M4300-24X before 12.0.2.15, M4300-48X before 12.0.2.15, and M4200 before 12.0.2.15. Published: April 20, 2020; 1:15:13 PM -0400	V4.0:(not available) V3.1: 4.8 MEDIUM V2.0: 3.5 LOW
CVE-2017-18825	Certain NETGEAR devices are affected by stored XSS. This affects M4300-28G before 12.0.2.15, M4300-52G before 12.0.2.15, M4300-28G-POE+ before 12.0.2.15, M4300-52G-POE+ before 12.0.2.15, M4300-8X8F before 12.0.2.15, M4300-12X12F before 12.0.2.15, M4300-24X24F before 12.0.2.15, M4300-24X before 12.0.2.15, M4300-48X before 12.0.2.15, and M4200 before 12.0.2.15. Published: April 20, 2020; 1:15:13 PM -0400	V4.0:(not available) V3.1: 4.8 MEDIUM V2.0: 3.5 LOW
CVE-2020-11888	python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute. Published: April 20, 2020; 12:15:14 PM -0400	V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM
CVE-2017-18839	Certain NETGEAR devices are affected by stored XSS. This affects M4300-28G before 12.0.2.15, M4300-52G before 12.0.2.15, M4300-28G-POE+ before 12.0.2.15, M4300-52G-POE+ before 12.0.2.15, M4300-8X8F before 12.0.2.15, M4300-12X12F before 12.0.2.15, M4300-24X24F before 12.0.2.15, M4300-24X before 12.0.2.15, M4300-48X before 12.0.2.15, and M4200 before 12.0.2.15. Published: April 20, 2020; 12:15:13 PM -0400	V4.0:(not available) V3.1: 4.8 MEDIUM V2.0: 3.5 LOW
CVE-2020-11930	The GTranslate plugin before 2.8.52 for WordPress has Reflected XSS via a crafted link. This requires use of the hreflang tags feature within a sub-domain or sub-directory paid option. Published: April 19, 2020; 9:15:11 PM -0400	V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM
CVE-2020-11887	svg2png 4.1.1 allows XSS with resultant SSRF via JavaScript inside an SVG document. Published: April 17, 2020; 5:15:13 PM -0400	V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM
CVE-2020-5737	Stored XSS in Tenable.Sc before 5.14.0 could allow an authenticated remote attacker to craft a request to execute arbitrary script code in a user's browser session. Updated input validation techniques have been implemented to correct this issue. Published: April 17, 2020; 3:15:15 PM -0400	V4.0:(not available) V3.1: 5.4 MEDIUM V2.0: 3.5 LOW
CVE-2020-5729	In OpenMRS 2.9 and prior, the UI Framework Error Page reflects arbitrary, user-supplied input back to the browser, which can result in XSS. Any page that is able to trigger a UI Framework Error is susceptible to this issue. Published: April 17, 2020; 3:15:14 PM -0400	V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM
CVE-2020-5294	PrestaShop module ps_facetedsearch versions before 2.1.0 has a reflected XSS with social networks fields The problem is fixed in 2.1.0 Published: April 16, 2020; 6:15:13 PM -0400	V4.0:(not available) V3.1: 5.4 MEDIUM V2.0: 3.5 LOW
CVE-2020-5273	In PrestaShop module ps_linklist versions before 3.1.0, there is a stored XSS when using custom URLs. The problem is fixed in version 3.1.0 Published: April 16, 2020; 6:15:13 PM -0400	V4.0:(not available) V3.1: 5.4 MEDIUM V2.0: 3.5 LOW
CVE-2020-5266	In the ps_link module for PrestaShop before version 3.1.0, there is a stored XSS when you create or edit a link list block with the title field. The problem is fixed in 3.1.0 Published: April 16, 2020; 6:15:13 PM -0400	V4.0:(not available) V3.1: 5.4 MEDIUM V2.0: 3.5 LOW
CVE-2019-20759	NETGEAR R9000 devices before 1.0.4.26 are affected by stored XSS. Published: April 16, 2020; 6:15:13 PM -0400	V4.0:(not available) V3.1: 5.2 MEDIUM V2.0: 2.9 LOW
CVE-2019-20756	Certain NETGEAR devices are affected by reflected XSS. This affects EX7000 before 1.0.0.64, EX6200 before 1.0.3.86, EX6150 before 1.0.0.38, EX6130 before 1.0.0.22, EX6120 before 1.0.0.40, EX6100 before 1.0.2.22, EX6000 before 1.0.0.30, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, R8300 before 1.0.2.94, R7300DST before 1.0.0.62, R7000P before 1.3.0.20, R6900P before 1.3.0.20, R6400 before 1.0.1.32, R6300v2 before 1.0.4.24, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.18, and WN2500RPv2 before 1.0.1.52. Published: April 16, 2020; 6:15:12 PM -0400	V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM
CVE-2019-20752	Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D7800 before 1.0.1.44, DM200 before 1.0.0.58, R7800 before 1.0.2.58, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.60, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, and WNR2000v5 before 1.0.0.68. Published: April 16, 2020; 6:15:12 PM -0400	V4.0:(not available) V3.1: 4.8 MEDIUM V2.0: 3.5 LOW
CVE-2019-20750	Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.47, EX6150v2 before 1.0.1.76, R7500v2 before 1.0.3.38, R7800 before 1.0.2.52, R8900 before 1.0.4.12, R9000 before 1.0.4.12, WN2000RPTv3 before 1.0.1.32, WN3000RPv3 before 1.0.2.70, and WN3100RPv2 before 1.0.0.66. Published: April 16, 2020; 5:15:13 PM -0400	V4.0:(not available) V3.1: 4.8 MEDIUM V2.0: 3.5 LOW
CVE-2019-20749	Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.47, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, R7500v2 before 1.0.3.38, R7800 before 1.0.2.52, R8900 before 1.0.4.12, R9000 before 1.0.4.12, WN2000RPTv3 before 1.0.1.32, WN3000RPv3 before 1.0.2.70, and WN3100RPv2 before 1.0.0.66. Published: April 16, 2020; 5:15:12 PM -0400	V4.0:(not available) V3.1: 4.8 MEDIUM V2.0: 3.5 LOW