Total
44848 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-2029 | 1 Kromit | 1 Titra | 2024-11-21 | 5.4 Medium |
| Cross-site Scripting (XSS) - DOM in GitHub repository kromitgmbh/titra prior to 0.77.0. | ||||
| CVE-2022-2028 | 1 Kromit | 1 Titra | 2024-11-21 | 5.4 Medium |
| Cross-site Scripting (XSS) - Generic in GitHub repository kromitgmbh/titra prior to 0.77.0. | ||||
| CVE-2022-2026 | 1 Kromit | 1 Titra | 2024-11-21 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository kromitgmbh/titra prior to 0.77.0. | ||||
| CVE-2022-2016 | 1 Facturascripts | 1 Facturascripts | 2024-11-21 | 5.4 Medium |
| Cross-site Scripting (XSS) - Reflected in GitHub repository neorazorx/facturascripts prior to 2022.1. | ||||
| CVE-2022-2015 | 1 Diagrams | 1 Drawio | 2024-11-21 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 19.0.2. | ||||
| CVE-2022-29976 | 1 Altn | 1 Mdaemon | 2024-11-21 | 5.4 Medium |
| An Authenticated Reflected Cross-site scripting at BCC Parameter was discovered in MDaemon before 22.0.0 . | ||||
| CVE-2022-29975 | 1 Altn | 1 Mdaemon | 2024-11-21 | 5.4 Medium |
| An Authenticated Reflected Cross-site scripting at CC Parameter was discovered in MDaemon before 22.0.0 . | ||||
| CVE-2022-29969 | 1 Mediawiki | 1 Rss For Mediawiki | 2024-11-21 | 6.1 Medium |
| The RSS extension before 2022-04-29 for MediaWiki allows XSS via an rss element (if the feed is in $wgRSSUrlWhitelist and $wgRSSAllowLinkTag is true). | ||||
| CVE-2022-29947 | 1 Woodpecker-ci | 1 Woodpecker | 2024-11-21 | 6.1 Medium |
| Woodpecker before 0.15.1 allows XSS via build logs because web/src/components/repo/build/BuildLog.vue lacks escaping. | ||||
| CVE-2022-29940 | 1 Librehealth | 1 Librehealth Ehr | 2024-11-21 | 5.4 Medium |
| In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameters formseq and formid in interface\orders\find_order_popup.php leads to multiple cross-site scripting (XSS) vulnerabilities. | ||||
| CVE-2022-29939 | 1 Librehealth | 1 Librehealth Ehr | 2024-11-21 | 5.4 Medium |
| In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameters debug and InsId in interface\billing\sl_eob_process.php leads to multiple cross-site scripting (XSS) vulnerabilities. | ||||
| CVE-2022-29929 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | 3.7 Low |
| In JetBrains TeamCity before 2022.04 potential XSS via Referrer header was possible | ||||
| CVE-2022-29927 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | 4.6 Medium |
| In JetBrains TeamCity before 2022.04 reflected XSS on the Build Chain Status page was possible | ||||
| CVE-2022-29923 | 1 Thingsforrestaurants | 1 Quick Restaurant Reservations | 2024-11-21 | 5.9 Medium |
| Cross-site Scripting (XSS) vulnerability in ThingsForRestaurants Quick Restaurant Reservations (WordPress plugin) allows Reflected XSS.This issue affects Quick Restaurant Reservations (WordPress plugin): from n/a through 1.4.1. | ||||
| CVE-2022-29907 | 1 Mediawiki | 1 Mediawiki | 2024-11-21 | 6.1 Medium |
| The Nimbus skin for MediaWiki through 1.37.2 (before 6f9c8fb868345701d9544a54d9752515aace39df) allows XSS in Advertise link messages. | ||||
| CVE-2022-29894 | 1 Strapi | 1 Strapi | 2024-11-21 | 4.8 Medium |
| Strapi v3.x.x versions and earlier contain a stored cross-site scripting vulnerability in file upload function. By exploiting this vulnerability, an arbitrary script may be executed on the web browser of the user who is logging in to the product with the administrative privilege. | ||||
| CVE-2022-29890 | 1 Octopus | 1 Octopus Server | 2024-11-21 | 6.1 Medium |
| In affected versions of Octopus Server the help sidebar can be customized to include a Cross-Site Scripting payload in the support link. | ||||
| CVE-2022-29887 | 1 Intel | 1 Manageability Commander | 2024-11-21 | 8.1 High |
| Cross-site Scripting (XSS) in some Intel(R) Manageability Commander software before version 2.3 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | ||||
| CVE-2022-29817 | 1 Jetbrains | 1 Intellij Idea | 2024-11-21 | 3.9 Low |
| In JetBrains IntelliJ IDEA before 2022.1 reflected XSS via error messages in internal web server was possible | ||||
| CVE-2022-29816 | 1 Jetbrains | 1 Intellij Idea | 2024-11-21 | 2.8 Low |
| In JetBrains IntelliJ IDEA before 2022.1 HTML injection into IDE messages was possible | ||||