Total
41073 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-5967 | 1 Joruri | 1 Joruri Cms 2017 | 2024-11-21 | N/A |
| Cross-site scripting vulnerability in Joruri CMS 2017 Release2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2019-5962 | 1 Zoho | 1 Salesiq | 2024-11-21 | 6.1 Medium |
| Cross-site scripting vulnerability in Zoho SalesIQ 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2019-5947 | 1 Cybozu | 1 Garoon | 2024-11-21 | N/A |
| Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.10.1 allows remote authenticated attackers to inject arbitrary web script or HTML via the application 'Cabinet'. | ||||
| CVE-2019-5940 | 1 Cybozu | 1 Garoon | 2024-11-21 | N/A |
| Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application 'Scheduler'. | ||||
| CVE-2019-5939 | 1 Cybozu | 1 Garoon | 2024-11-21 | N/A |
| Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application 'Portal'. | ||||
| CVE-2019-5938 | 1 Cybozu | 1 Garoon | 2024-11-21 | N/A |
| Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application 'Mail'. | ||||
| CVE-2019-5937 | 1 Cybozu | 1 Garoon | 2024-11-21 | N/A |
| Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to inject arbitrary web script or HTML via the user information. | ||||
| CVE-2019-5932 | 1 Cybozu | 1 Garoon | 2024-11-21 | N/A |
| Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.6.3 allows remote authenticated attackers to inject arbitrary web script or HTML via the application 'Portal'. | ||||
| CVE-2019-5929 | 1 Cybozu | 1 Garoon | 2024-11-21 | N/A |
| Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to inject arbitrary web script or HTML via the application 'Memo'. | ||||
| CVE-2019-5928 | 1 Cybozu | 1 Garoon | 2024-11-21 | N/A |
| Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to inject arbitrary web script or HTML via Customize Item function. | ||||
| CVE-2019-5926 | 1 Kinagacms Project | 1 Kinagacms | 2024-11-21 | N/A |
| Cross-site scripting vulnerability in KinagaCMS versions prior to 6.5 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2019-5925 | 1 Dradisframework | 1 Dradis | 2024-11-21 | N/A |
| Cross-site scripting vulnerability in Dradis Community Edition Dradis Community Edition v3.11 and earlier and Dradis Professional Edition v3.1.1 and earlier allow remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2019-5888 | 1 Overit | 1 Geocall | 2024-11-21 | 6.1 Medium |
| Multiple XSS vulnerabilities were discovered in OverIT Geocall 6.3 before build 2:346977. | ||||
| CVE-2019-5778 | 4 Debian, Fedoraproject, Google and 1 more | 7 Debian Linux, Fedora, Chrome and 4 more | 2024-11-21 | N/A |
| A missing case for handling special schemes in permission request checks in Extensions in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to bypass extension permission checks for privileged pages via a crafted Chrome Extension. | ||||
| CVE-2019-5727 | 1 Splunk | 1 Splunk | 2024-11-21 | N/A |
| Splunk Web in Splunk Enterprise 6.5.x before 6.5.5, 6.4.x before 6.4.9, 6.3.x before 6.3.12, 6.2.x before 6.2.14, 6.1.x before 6.1.14, and 6.0.x before 6.0.15 and Splunk Light before 6.6.0 has Persistent XSS, aka SPL-138827. | ||||
| CVE-2019-5594 | 1 Fortinet | 1 Fortinac | 2024-11-21 | N/A |
| An Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") in Fortinet FortiNAC 8.3.0 to 8.3.6 and 8.5.0 admin webUI may allow an unauthenticated attacker to perform a reflected XSS attack via the search field in the webUI. | ||||
| CVE-2019-5590 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | N/A |
| The URL part of the report message is not encoded in Fortinet FortiWeb 6.0.2 and below which may allow an attacker to execute unauthorized code or commands (Cross Site Scripting) via attack reports generated in HTML form. | ||||
| CVE-2019-5588 | 1 Fortinet | 1 Fortios | 2024-11-21 | N/A |
| A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4 under SSL VPN web portal may allow an attacker to execute unauthorized malicious script code via the "err" parameter of the error process HTTP requests. | ||||
| CVE-2019-5586 | 1 Fortinet | 1 Fortios | 2024-11-21 | N/A |
| A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.2.0 to 5.6.10, 6.0.0 to 6.0.4 under SSL VPN web portal may allow an attacker to execute unauthorized malicious script code via the "param" parameter of the error process HTTP requests. | ||||
| CVE-2019-5471 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 5.4 Medium |
| An input validation and output encoding issue was discovered in the GitLab email notification feature which could result in a persistent XSS. This was addressed in GitLab 12.1.2, 12.0.4, and 11.11.6. | ||||