Total
38405 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-30776 | 1 Atmail | 1 Atmail | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| atmail 6.5.0 allows XSS via the index.php/admin/index/ error parameter. | |||||
| CVE-2022-30770 | 1 Terminalfour | 1 Terminalfour | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Terminalfour versions 8.3.7, 8.3.x versions prior to version 8.3.8 and r 8.2.x versions prior to version 8.2.18.5 or 8.2.18.2.1 are vulnerable to (XSS) vulnerability that could be exploited by an attacker to mislead an administrator and steal their credentials. | |||||
| CVE-2022-30690 | 1 Wwbn | 1 Avideo | 2024-11-21 | N/A | 6.1 MEDIUM |
| A cross-site scripting (xss) vulnerability exists in the image403 functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability. | |||||
| CVE-2022-30686 | 1 Adobe | 1 Experience Manager | 2024-11-21 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires low-privilege access to AEM. | |||||
| CVE-2022-30685 | 1 Adobe | 1 Experience Manager | 2024-11-21 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires low-privilege access to AEM. | |||||
| CVE-2022-30684 | 1 Adobe | 1 Experience Manager | 2024-11-21 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires low-privilege access to AEM. | |||||
| CVE-2022-30682 | 1 Adobe | 1 Experience Manager | 2024-11-21 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires low-privilege access to AEM. | |||||
| CVE-2022-30681 | 1 Adobe | 1 Experience Manager | 2024-11-21 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires low-privilege access to AEM. | |||||
| CVE-2022-30680 | 1 Adobe | 1 Experience Manager | 2024-11-21 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires low-privilege access to AEM. | |||||
| CVE-2022-30679 | 1 Adobe | 2 Experience Manager, Experience Manager Cloud Service | 2024-11-21 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | |||||
| CVE-2022-30678 | 1 Adobe | 1 Experience Manager | 2024-11-21 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires low-privilege access to AEM. | |||||
| CVE-2022-30677 | 1 Adobe | 1 Experience Manager | 2024-11-21 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires low-privilege access to AEM. | |||||
| CVE-2022-30611 | 2 Ibm, Linux | 2 Spectrum Copy Data Management, Linux Kernel | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using some fields of the form in the portal UI to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. IBM X-Force ID: 227364. | |||||
| CVE-2022-30604 | 1 Cybozu | 1 Office | 2024-11-21 | N/A | 6.1 MEDIUM |
| Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors. | |||||
| CVE-2022-30596 | 3 Fedoraproject, Moodle, Redhat | 3 Fedora, Moodle, Enterprise Linux | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| A flaw was found in moodle where ID numbers displayed when bulk allocating markers to assignments required additional sanitizing to prevent a stored XSS risk. | |||||
| CVE-2022-30576 | 1 Tibco | 2 Data Science - Workbench, Statistica | 2024-11-21 | N/A | 8.7 HIGH |
| The Web Console component of TIBCO Software Inc.'s TIBCO Data Science - Workbench, TIBCO Statistica, TIBCO Statistica - Estore Edition, and TIBCO Statistica Trial contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site Scripting (XSS) on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO Data Science - Workbench: versions 14.0.0 and below, TIBCO Statistica: versions 14.0.0 and below, TIBCO Statistica - Estore Edition: versions 14.0.0 and below, and TIBCO Statistica Trial: versions 14.0.0 and below. | |||||
| CVE-2022-30575 | 1 Tibco | 2 Data Science - Workbench, Statistica | 2024-11-21 | N/A | 7.3 HIGH |
| The Web Console component of TIBCO Software Inc.'s TIBCO Data Science - Workbench, TIBCO Statistica, TIBCO Statistica - Estore Edition, and TIBCO Statistica Trial contains easily exploitable Reflected Cross Site Scripting (XSS) vulnerabilities that allow a low privileged attacker with network access to execute scripts targeting the affected system or the victim's local system. Affected releases are TIBCO Software Inc.'s TIBCO Data Science - Workbench: versions 14.0.0 and below, TIBCO Statistica: versions 14.0.0 and below, TIBCO Statistica - Estore Edition: versions 14.0.0 and below, and TIBCO Statistica Trial: versions 14.0.0 and below. | |||||
| CVE-2022-30571 | 1 Tibco | 1 Iway Service Manager | 2024-11-21 | N/A | 8.1 HIGH |
| The iWay Service Manager Console component of TIBCO Software Inc.'s TIBCO iWay Service Manager contains easily exploitable Reflected Cross Site Scripting (XSS) vulnerabilities that allow a low privileged attacker with network access to execute scripts targeting the affected system or the victim's local system. Affected releases are TIBCO Software Inc.'s TIBCO iWay Service Manager: versions 8.0.6 and below. | |||||
| CVE-2022-30545 | 1 5-anker | 1 5 Anker Connect | 2024-11-21 | N/A | 4.8 MEDIUM |
| Auth. Reflected Cross-Site Scripting (XSS) vulnerability in 5 Anker Connect plugin <= 1.2.6 on WordPress. | |||||
| CVE-2022-30536 | 1 Wp Maintenance Project | 1 Wp Maintenance | 2024-11-21 | N/A | 3.4 LOW |
| Authenticated Stored Cross-Site Scripting (XSS) vulnerability in Florent Maillefaud's WP Maintenance plugin <= 6.0.7 at WordPress. | |||||