Total
41714 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-15499 | 2 Apple, Hackmd | 2 Safari, Codimd | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| CodiMD 1.3.1, when Safari is used, allows XSS via an IFRAME element with allow-top-navigation in the sandbox attribute, in conjunction with a data: URL. | |||||
| CVE-2019-15492 | 1 It-novum | 1 Openitcockpit | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| openITCOCKPIT before 3.7.1 has reflected XSS, aka RVID 3-445b21. | |||||
| CVE-2019-15489 | 1 Laracom | 1 Laracom | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| laracom (aka Laravel FREE E-Commerce Software) 1.4.11 has search?q= XSS. | |||||
| CVE-2019-15488 | 1 Igniterealtime | 1 Openfire | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Ignite Realtime Openfire before 4.4.1 has reflected XSS via an LDAP setup test. | |||||
| CVE-2019-15487 | 1 Schoolexperience | 1 Department For Education School Experience | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| DfE School Experience before v16333-GA has XSS via a teacher training URL. | |||||
| CVE-2019-15486 | 1 Django Js Reverse Project | 1 Django Js Reserve | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| django-js-reverse (aka Django JS Reverse) before 0.9.1 has XSS via js_reverse_inline. | |||||
| CVE-2019-15485 | 1 Boltcms | 1 Bolt | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Bolt before 3.6.10 has XSS via createFolder or createFile in Controller/Async/FilesystemManager.php. | |||||
| CVE-2019-15484 | 1 Boltcms | 1 Bolt | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Bolt before 3.6.10 has XSS via an image's alt or title field. | |||||
| CVE-2019-15483 | 1 Boltcms | 1 Bolt | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Bolt before 3.6.10 has XSS via a title that is mishandled in the system log. | |||||
| CVE-2019-15482 | 1 Selectize-plugin-a11y Project | 1 Selectize-plugin-a11y | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| selectize-plugin-a11y before 1.1.0 has XSS via the msg field. | |||||
| CVE-2019-15481 | 1 Kimai | 1 Kimai 2 | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Kimai v2 before 1.1 has XSS via a timesheet description. | |||||
| CVE-2019-15480 | 1 Domoticz | 1 Domoticz | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Domoticz 4.10717 has XSS via item.Name. | |||||
| CVE-2019-15479 | 1 Status Board Project | 1 Status Board | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Status Board 1.1.81 has reflected XSS via dashboard.ts. | |||||
| CVE-2019-15478 | 1 Status Board Project | 1 Status Board | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Status Board 1.1.81 has reflected XSS via logic.ts. | |||||
| CVE-2019-15477 | 1 Jooby | 1 Jooby | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Jooby before 1.6.4 has XSS via the default error handler. | |||||
| CVE-2019-15476 | 1 Former Project | 1 Former | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Former before 4.2.1 has XSS via a checkbox value. | |||||
| CVE-2019-15331 | 1 Wpsupportplus | 1 Wp Support Plus Responsive Ticket System | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The wp-support-plus-responsive-ticket-system plugin before 9.1.2 for WordPress has HTML injection. | |||||
| CVE-2019-15328 | 1 Codection | 1 Import Users From Csv With Meta | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has XSS. | |||||
| CVE-2019-15327 | 1 Codection | 1 Import Users From Csv With Meta | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The import-users-from-csv-with-meta plugin before 1.14.1.3 for WordPress has XSS via imported data. | |||||
| CVE-2019-15317 | 1 Givewp | 1 Givewp | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| The give plugin before 2.4.7 for WordPress has XSS via a donor name. | |||||