Search Results (47124 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-62653 1 Mediawiki 1 Mediawiki 2026-04-15 N/A
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation MediaWiki PollNY extension allows Stored XSS.This issue affects MediaWiki PollNY extension: 1.39, 1.43, 1.44.
CVE-2021-23282 2026-04-15 5.2 Medium
Eaton Intelligent Power Manager (IPM) prior to 1.70 is vulnerable to stored Cross site scripting. The vulnerability exists due to insufficient validation of input from certain resources by the IPM software. The attacker would need access to the local Subnet and an administrator interaction to compromise the system
CVE-2025-62654 1 Mediawiki 1 Mediawiki 2026-04-15 N/A
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation MediaWiki QuizGame extension allows Stored XSS.This issue affects MediaWiki QuizGame extension: 1.39, 1.43, 1.44.
CVE-2025-62656 1 Mediawiki 2 Globalblocking, Mediawiki 2026-04-15 N/A
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation MediaWiki GlobalBlocking extension allows Stored XSS.This issue affects MediaWiki GlobalBlocking extension: 1.43, 1.44.
CVE-2025-62657 1 Mediawiki 2 Mediawiki, Pageforms 2026-04-15 N/A
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation MediaWiki PageForms extension allows Stored XSS.This issue affects MediaWiki PageForms extension: 1.44.
CVE-2025-62664 1 Mediawiki 1 Mediawiki 2026-04-15 N/A
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - ImageRating Extension allows Stored XSS.This issue affects Mediawiki - ImageRating Extension: from master before 1.39.
CVE-2025-62659 1 Mediawiki 2 Cookieconsent, Mediawiki 2026-04-15 N/A
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation MediaWiki CookieConsent extension allows Cross-Site Scripting (XSS).This issue affects MediaWiki CookieConsent extension: from v0.1.0 before v2.0.0.
CVE-2023-53735 1 Webigniter 1 Webigniter 2026-04-15 N/A
WEBIGniter 28.7.23 contains a cross-site scripting vulnerability in the user creation process that allows unauthenticated attackers to execute malicious JavaScript code, enabling potential XSS attacks.
CVE-2025-62662 1 Mediawiki 1 Mediawiki 2026-04-15 N/A
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - AdvancedSearch Extension allows Stored XSS.This issue affects Mediawiki - AdvancedSearch Extension: from master before 1.39.
CVE-2025-62663 1 Mediawiki 1 Mediawiki 2026-04-15 N/A
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - UploadWizard Extension allows Stored XSS.This issue affects Mediawiki - UploadWizard Extension: from master before 1.39.
CVE-2025-62665 1 Mediawiki 1 Mediawiki 2026-04-15 N/A
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - Skin:BlueSky allows Stored XSS.This issue affects Mediawiki - Skin:BlueSky: from master before 1.39.
CVE-2025-62667 1 Mediawiki 1 Mediawiki 2026-04-15 N/A
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments Extension allows Stored XSS.This issue affects Mediawiki - GrowthExperiments Extension: from master before 1.39.
CVE-2025-62670 1 Mediawiki 1 Mediawiki 2026-04-15 N/A
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - FlexDiagrams Extension allows Stored XSS.This issue affects Mediawiki - FlexDiagrams Extension: master.
CVE-2025-62671 1 Mediawiki 1 Mediawiki 2026-04-15 N/A
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: master.
CVE-2025-6268 2026-04-15 4.3 Medium
A vulnerability classified as problematic has been found in Luna Imaging up to 7.5.5.6. Affected is an unknown function of the file /luna/servlet/view/search. The manipulation of the argument q leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-62694 1 Mediawiki 1 Mediawiki 2026-04-15 N/A
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - WikiLove Extension allows Stored XSS.This issue affects Mediawiki - WikiLove Extension: 1.39.
CVE-2025-62693 1 Mediawiki 2 Lastmodified, Mediawiki 2026-04-15 N/A
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - LastModified Extension allows Stored XSS.This issue affects Mediawiki - LastModified Extension: from master before 1.39.
CVE-2025-62695 1 Mediawiki 1 Mediawiki 2026-04-15 N/A
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - WikiLambda Extension allows Stored XSS.This issue affects Mediawiki - WikiLambda Extension: master.
CVE-2024-13722 2026-04-15 5.4 Medium
The "NagVis" component within Checkmk is vulnerable to reflected cross-site scripting. An attacker can craft a malicious link that will execute arbitrary JavaScript in the context of the browser once clicked. The attack can be performed on both authenticated and unauthenticated users.
CVE-2025-62698 1 Mediawiki 2 Externalguidance, Mediawiki 2026-04-15 N/A
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - ExternalGuidance allows Stored XSS.This issue affects Mediawiki - ExternalGuidance: from master before 1.39.