|
1781
|
8.8 |
HIGH
Network
|
ibm
|
watson_studio_local
|
IBM Watson Studio Local 1.2.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
|
CWE-352
Origin Validation Error
|
CVE-2024-49340
|
2024-11-9 00:06 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1782
|
4.6 |
MEDIUM
Network
|
apache
|
nifi
|
Apache NiFi 1.10.0 through 1.27.0 and 2.0.0-M1 through 2.0.0-M3 support a description field for Parameters in a Parameter Context configuration that is vulnerable to cross-site scripting. An authenti…
|
CWE-79
Cross-site Scripting
|
CVE-2024-45477
|
2024-11-9 00:03 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1783
|
7.2 |
HIGH
Network
|
davidlingren
|
media_library_assistant
|
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in David Lingren Media Library Assistant allows Command Injection.This issue affects Media Lib…
|
CWE-78
OS Command
|
CVE-2024-51661
|
2024-11-9 00:02 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1784
|
4.6 |
MEDIUM
Network
|
mattermost
|
mattermost_server
|
Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 fail to sanitize user inputs in the frontend that are used for redirection which allows for a one-click client-side path travers…
|
CWE-352
Origin Validation Error
|
CVE-2024-46872
|
2024-11-9 00:00 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1785
|
6.1 |
MEDIUM
Network
|
latex2html
|
latex2html
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Van Abel LaTeX2HTML allows Reflected XSS.This issue affects LaTeX2HTML: from n/a through 2…
|
CWE-79
Cross-site Scripting
|
CVE-2024-49673
|
2024-11-8 23:57 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1786
|
6.1 |
MEDIUM
Network
|
samglover
|
client_power_tools
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Sam Glover Client Power Tools Portal allows Reflected XSS.This issue affects Client Power …
|
CWE-79
Cross-site Scripting
|
CVE-2024-49670
|
2024-11-8 23:57 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1787
|
5.4 |
MEDIUM
Network
|
affiliatexblocks
|
affiliatex
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AffiliateX allows Stored XSS.This issue affects AffiliateX: from n/a through 1.2.9.
|
CWE-79
Cross-site Scripting
|
CVE-2024-49692
|
2024-11-8 23:55 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1788
|
5.4 |
MEDIUM
Network
|
brainstormforce
|
astra_widgets
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brainstorm Force Astra Widgets allows Stored XSS.This issue affects Astra Widgets: from n/…
|
CWE-79
Cross-site Scripting
|
CVE-2024-50439
|
2024-11-8 23:53 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1789
|
5.4 |
MEDIUM
Network
|
wpkoi
|
wpkoi_templates_for_elementor
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPKoi WPKoi Templates for Elementor allows Stored XSS.This issue affects WPKoi Templates f…
|
CWE-79
Cross-site Scripting
|
CVE-2024-49679
|
2024-11-8 23:52 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1790
|
6.1 |
MEDIUM
Network
|
themoyles
|
church_admin
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Andy Moyle Church Admin allows Reflected XSS.This issue affects Church Admin: from n/a bef…
|
CWE-79
Cross-site Scripting
|
CVE-2024-50438
|
2024-11-8 23:52 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
