Search
Total
46623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-39343 | 1 Mpl-publisher Project | 1 Mpl-publisher | 2021-10-22 | 3.5 LOW | 4.8 MEDIUM |
| The MPL-Publisher WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/libs/PublisherController.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.30.2. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. | |||||
| CVE-2021-39329 | 1 Ultimatemember | 1 Jobboardwp | 2021-10-22 | 3.5 LOW | 4.8 MEDIUM |
| The JobBoardWP WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/includes/admin/class-metabox.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.0.7. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. | |||||
| CVE-2018-18260 | 1 Tuzitio | 1 Camaleon Cms | 2021-10-22 | 4.3 MEDIUM | 6.1 MEDIUM |
| In the 2.4 version of Camaleon CMS, Stored XSS has been discovered. The profile image in the User settings section can be run in the update / upload area via /admin/media/upload?actions=false. | |||||
| CVE-2021-29912 | 2 Ibm, Redhat | 2 Security Risk Manager On Cp4s, Openshift | 2021-10-22 | 3.5 LOW | 5.4 MEDIUM |
| IBM Security Risk Manager on CP4S 1.7.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 207828. | |||||
| CVE-2021-38911 | 2 Ibm, Redhat | 2 Security Risk Manager On Cp4s, Openshift | 2021-10-22 | 4.0 MEDIUM | 4.9 MEDIUM |
| IBM Security Risk Manager on CP4S 1.7.0.0 stores user credentials in plain clear text which can be read by a an authenticatedl privileged user. IBM X-Force ID: 209940. | |||||
| CVE-2021-30845 | 1 Apple | 1 Macos | 2021-10-22 | 4.9 MEDIUM | 5.5 MEDIUM |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6. A local user may be able to read kernel memory. | |||||
| CVE-2021-24752 | 1 Catchplugins | 10 Catch Scroll Progress Bar, Catch Sticky Menu, Catch Themes Demo Import and 7 more | 2021-10-22 | 3.5 LOW | 5.7 MEDIUM |
| Multiple Plugins from the CatchThemes vendor do not perform capability and CSRF checks in the ctp_switch AJAX action, which could allow any authenticated users, such as Subscriber to change the Essential Widgets WordPress plugin before 1.9, To Top WordPress plugin before 2.3, Header Enhancement WordPress plugin before 1.5, Generate Child Theme WordPress plugin before 1.6, Essential Content Types WordPress plugin before 1.9, Catch Web Tools WordPress plugin before 2.7, Catch Under Construction WordPress plugin before 1.4, Catch Themes Demo Import WordPress plugin before 1.6, Catch Sticky Menu WordPress plugin before 1.7, Catch Scroll Progress Bar WordPress plugin before 1.6, Social Gallery and Widget WordPress plugin before 2.3, Catch Infinite Scroll WordPress plugin before 1.9, Catch Import Export WordPress plugin before 1.9, Catch Gallery WordPress plugin before 1.7, Catch Duplicate Switcher WordPress plugin before 1.6, Catch Breadcrumb WordPress plugin before 1.7, Catch IDs WordPress plugin before 2.4's configurations. | |||||
| CVE-2021-20836 | 1 Omron | 1 Cx-supervisor | 2021-10-22 | 6.0 MEDIUM | 6.5 MEDIUM |
| Out-of-bounds read vulnerability in CX-Supervisor v4.0.0.13 and v4.0.0.16 allows an attacker with administrative privileges to cause information disclosure and/or arbitrary code execution by opening a specially crafted SCS project files. | |||||
| CVE-2021-38476 | 1 Inhandnetworks | 2 Ir615, Ir615 Firmware | 2021-10-22 | 5.0 MEDIUM | 5.3 MEDIUM |
| InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 authentication process response indicates and validates the existence of a username. This may allow an attacker to enumerate different user accounts. | |||||
| CVE-2021-41156 | 1 Timetracker Project | 1 Timetracker | 2021-10-22 | 3.5 LOW | 5.4 MEDIUM |
| anuko/timetracker is an, open source time tracking system. In affected versions Time Tracker uses browser_today hidden control on a few pages to collect the today's date from user browsers. Because of not checking this parameter for sanity in versions prior to 1.19.30.5601, it was possible to craft an html form with malicious JavaScript, use social engineering to convince logged on users to execute a POST from such form, and have the attacker-supplied JavaScript to be executed in user's browser. This has been patched in version 1.19.30.5600. Upgrade is recommended. If it is not practical, introduce ttValidDbDateFormatDate function as in the latest version and add a call to it within the access checks block. | |||||
| CVE-2021-38482 | 1 Inhandnetworks | 2 Ir615, Ir615 Firmware | 2021-10-22 | 3.5 LOW | 4.8 MEDIUM |
| InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 website used to control the router is vulnerable to stored cross-site scripting, which may allow an attacker to hijack sessions of users connected to the system. | |||||
| CVE-2021-41151 | 1 Linuxfoundation | 1 Backstage | 2021-10-22 | 4.0 MEDIUM | 4.9 MEDIUM |
| Backstage is an open platform for building developer portals. In affected versions A malicious actor could read sensitive files from the environment where Scaffolder Tasks are run. The attack is executed by crafting a custom Scaffolder template with a `github:publish:pull-request` action and a particular source path. When the template is executed the sensitive files would be included in the published pull request. This vulnerability is mitigated by the fact that an attacker would need access to create and register templates in the Backstage catalog, and that the attack is very visible given that the exfiltration happens via a pull request. The vulnerability is patched in the `0.15.9` release of `@backstage/plugin-scaffolder-backend`. | |||||
| CVE-2021-42055 | 1 Asus | 2 Ux582lr, Ux582lr Firmware | 2021-10-22 | 4.6 MEDIUM | 6.8 MEDIUM |
| ASUSTek ZenBook Pro Due 15 UX582 laptop firmware through 203 has Insecure Permissions that allow attacks by a physically proximate attacker. | |||||
| CVE-2021-39349 | 1 Author Bio Box Project | 1 Author Bio Box | 2021-10-22 | 2.1 LOW | 4.8 MEDIUM |
| The Author Bio Box WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/includes/admin/class-author-bio-box-admin.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 3.3.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. | |||||
| CVE-2021-38468 | 1 Inhandnetworks | 2 Ir615, Ir615 Firmware | 2021-10-22 | 3.5 LOW | 4.8 MEDIUM |
| InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to stored cross-scripting, which may allow an attacker to hijack sessions of users connected to the system. | |||||
| CVE-2021-38466 | 1 Inhandnetworks | 2 Ir615, Ir615 Firmware | 2021-10-22 | 4.3 MEDIUM | 6.1 MEDIUM |
| InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 do not perform sufficient input validation on client requests from the help page. This may allow an attacker to perform a reflected cross-site scripting attack, which could allow an attacker to run code on behalf of the client browser. | |||||
| CVE-2021-38472 | 1 Inhandnetworks | 2 Ir615, Ir615 Firmware | 2021-10-22 | 4.3 MEDIUM | 4.7 MEDIUM |
| InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 management portal does not contain an X-FRAME-OPTIONS header, which an attacker may take advantage of by sending a link to an administrator that frames the router’s management portal and could lure the administrator to perform changes. | |||||
| CVE-2021-32609 | 1 Apache | 1 Superset | 2021-10-22 | 3.5 LOW | 5.4 MEDIUM |
| Apache Superset up to and including 1.1 does not sanitize titles correctly on the Explore page. This allows an attacker with Explore access to save a chart with a malicious title, injecting html (including scripts) into the page. | |||||
| CVE-2021-24743 | 1 Secondlinethemes | 1 Podcast Subscribe Buttons | 2021-10-22 | 3.5 LOW | 5.4 MEDIUM |
| The Podcast Subscribe Buttons WordPress plugin before 1.4.2 allows users with any role capable of editing or adding posts to perform stored XSS. | |||||
| CVE-2021-24740 | 1 Themeum | 1 Tutor Lms | 2021-10-22 | 3.5 LOW | 4.8 MEDIUM |
| The Tutor LMS WordPress plugin before 1.9.9 does not escape some of its settings before outputting them in attributes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | |||||
| CVE-2021-24736 | 1 Tammersoft | 1 Shared Files | 2021-10-22 | 3.5 LOW | 4.8 MEDIUM |
| The Easy Download Manager and File Sharing Plugin with frontend file upload – a better Media Library — Shared Files WordPress plugin before 1.6.57 does not sanitise and escape some of its settings before outputting them in attributes, which could lead to Stored Cross-Site Scripting issues. | |||||
| CVE-2021-24735 | 1 Tipsandtricks-hq | 1 Compact Wp Audio Player | 2021-10-22 | 4.3 MEDIUM | 6.5 MEDIUM |
| The Compact WP Audio Player WordPress plugin before 1.9.7 does not implement nonce checks, which could allow attackers to make a logged in admin change the "Disable Simultaneous Play" setting via a CSRF attack. | |||||
| CVE-2011-1497 | 1 Rubyonrails | 1 Rails | 2021-10-22 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting vulnerability flaw was found in the auto_link function in Rails before version 3.0.6. | |||||
| CVE-2021-3851 | 1 Firefly-iii | 1 Firefly Iii | 2021-10-21 | 4.9 MEDIUM | 5.4 MEDIUM |
| firefly-iii is vulnerable to URL Redirection to Untrusted Site | |||||
| CVE-2021-3863 | 1 Snipeitapp | 1 Snipe-it | 2021-10-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-3879 | 1 Snipeitapp | 1 Snipe-it | 2021-10-21 | 3.5 LOW | 5.4 MEDIUM |
| snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-25968 | 1 Alkacon | 1 Opencms | 2021-10-21 | 3.5 LOW | 5.4 MEDIUM |
| In “OpenCMS”, versions 10.5.0 to 11.0.2 are affected by a stored XSS vulnerability that allows low privileged application users to store malicious scripts in the Sitemap functionality. These scripts are executed in a victim’s browser when they open the page containing the vulnerable field. | |||||
| CVE-2021-42650 | 1 Portainer | 1 Portainer | 2021-10-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS vulnerability exists in Portainer before 2.9.1 via the node input box in Custom Templates. | |||||
| CVE-2020-8291 | 1 Rocket.chat | 1 Rocket.chat | 2021-10-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A link preview rendering issue in Rocket.Chat versions before 3.9 could lead to potential XSS attacks. | |||||
| CVE-2010-2496 | 1 Clusterlabs | 2 Cluster Glue, Pacemaker | 2021-10-21 | 2.1 LOW | 5.5 MEDIUM |
| stonith-ng in pacemaker and cluster-glue passed passwords as commandline parameters, making it possible for local attackers to gain access to passwords of the HA stack and potentially influence its operations. This is fixed in cluster-glue 1.0.6 and newer, and pacemaker 1.1.3 and newer. | |||||
| CVE-2021-24734 | 1 Tipsandtricks-hq | 1 Compact Wp Audio Player | 2021-10-21 | 3.5 LOW | 5.4 MEDIUM |
| The Compact WP Audio Player WordPress plugin before 1.9.7 does not escape some of its shortcodes attributes, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks. | |||||
| CVE-2021-24732 | 1 Dearhive | 1 Dearflip | 2021-10-21 | 3.5 LOW | 5.4 MEDIUM |
| The PDF Flipbook, 3D Flipbook WordPress – DearFlip WordPress plugin before 1.7.10 does not escape the class attribute of its shortcode before outputting it back in an attribute, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks | |||||
| CVE-2021-24416 | 1 Bplugins | 1 Streamcast Radio Player | 2021-10-21 | 3.5 LOW | 5.4 MEDIUM |
| The StreamCast – Radio Player for WordPress plugin before 2.1.1 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious shortcode | |||||
| CVE-2021-24415 | 1 Bplugins | 1 Polo Video Gallery | 2021-10-21 | 3.5 LOW | 5.4 MEDIUM |
| The Polo Video Gallery – Best wordpress video gallery plugin WordPress plugin through 1.2 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious shortcode | |||||
| CVE-2021-24413 | 1 Bplugins | 1 Easy Twitter Feed | 2021-10-21 | 3.5 LOW | 5.4 MEDIUM |
| The Easy Twitter Feed WordPress plugin before 1.2 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious shortcode | |||||
| CVE-2021-24702 | 1 Thimpress | 1 Learnpress | 2021-10-21 | 2.1 LOW | 4.8 MEDIUM |
| The LearnPress WordPress plugin before 4.1.3.1 does not properly sanitize or escape various inputs within course settings, which could allow high privilege users to perform Cross-Site Scripting attacks when the unfiltred_html capability is disallowed | |||||
| CVE-2021-39864 | 1 Adobe | 2 Commerce, Magento Open Source | 2021-10-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Commerce versions 2.4.2-p2 (and earlier), 2.4.3 (and earlier) and 2.3.7p1 (and earlier) are affected by a cross-site request forgery (CSRF) vulnerability via a Wishlist Share Link. Successful exploitation could lead to unauthorized addition to customer cart by an unauthenticated attacker. Access to the admin console is not required for successful exploitation. | |||||
| CVE-2021-24412 | 1 Bplugins | 1 Html5 Audio Player | 2021-10-21 | 3.5 LOW | 5.4 MEDIUM |
| The Html5 Audio Player – Audio Player for WordPress plugin before 2.1.3 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious shortcode | |||||
| CVE-2021-24516 | 1 Planso | 1 Planso Forms | 2021-10-21 | 3.5 LOW | 4.8 MEDIUM |
| The PlanSo Forms WordPress plugin through 2.6.3 does not escape the title of its Form before outputting it in attributes, allowing high privilege users such as admin to set XSS payload in it, even when the unfiltered_html is disallowed, leading to an Authenticated Stored Cross-Site Scripting issue. | |||||
| CVE-2021-24617 | 1 Gamepress Project | 1 Gamepress | 2021-10-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The GamePress WordPress plugin through 1.1.0 does not escape the op_edit POST parameter before outputting it back in multiple Game Option pages, leading to Reflected Cross-Site Scripting issues | |||||
| CVE-2021-24622 | 1 Emarketdesign | 1 Customer Service Software \& Support Ticket System | 2021-10-21 | 3.5 LOW | 4.8 MEDIUM |
| The Customer Service Software & Support Ticket System WordPress plugin before 5.10.4 does not sanitize or escape form fields before outputting it in the List, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | |||||
| CVE-2021-24612 | 1 Sociable Project | 1 Sociable | 2021-10-21 | 3.5 LOW | 4.8 MEDIUM |
| The Sociable WordPress plugin through 4.3.4.1 does not sanitise or escape some of its settings before outputting them in the admins dashboard, allowing high privilege users to perform Cross-Site Scripting attacks against other users even when the unfiltered_html capability is disallowed | |||||
| CVE-2021-29878 | 1 Ibm | 1 Business Automation Workflow | 2021-10-21 | 3.5 LOW | 5.4 MEDIUM |
| IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 206581. | |||||
| CVE-2021-24760 | 1 Pdf Viewer Block For Gutenberg Project | 1 Pdf Viewer Block For Gutenberg | 2021-10-21 | 3.5 LOW | 5.4 MEDIUM |
| The Gutenberg PDF Viewer Block WordPress plugin before 1.0.1 does not sanitise and escape its block, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks. | |||||
| CVE-2021-42566 | 1 Myfactory | 1 Fms | 2021-10-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| myfactory.FMS before 7.1-912 allows XSS via the Error parameter. | |||||
| CVE-2021-42565 | 1 Myfactory | 1 Fms | 2021-10-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| myfactory.FMS before 7.1-912 allows XSS via the UID parameter. | |||||
| CVE-2021-36097 | 1 Otrs | 1 Otrs | 2021-10-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Agents are able to lock the ticket without the "Owner" permission. Once the ticket is locked, it could be moved to the queue where the agent has "rw" permissions and gain a full control. This issue affects: OTRS AG OTRS 8.0.x version: 8.0.16 and prior versions. | |||||
| CVE-2018-16061 | 1 Mitsubishielectric | 2 Smartrtu, Smartrtu Firmware | 2021-10-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Mitsubishi Electric SmartRTU devices allow XSS via the username parameter or PATH_INFO to login.php. | |||||
| CVE-2021-40994 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2021-10-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability. | |||||
| CVE-2020-8185 | 2 Fedoraproject, Rubyonrails | 2 Fedora, Rails | 2021-10-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production. | |||||