Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-26006

Summary
Assigner-fortinet
Assigner Org ID-6abe59d8-c742-4dff-8ce8-9b0ca1073da8
Published At-14 Mar, 2025 | 09:24
Updated At-15 Mar, 2025 | 03:55
Rejected At-
Credits

An improper neutralization of input during web page Generation vulnerability [CWE-79] in FortiOS version 7.4.3 and below, version 7.2.7 and below, version 7.0.13 and below and FortiProxy version 7.4.3 and below, version 7.2.9 and below, version 7.0.16 and below web SSL VPN UI may allow a remote unauthenticated attacker to perform a Cross-Site Scripting attack via a malicious samba server.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:fortinet
Assigner Org ID:6abe59d8-c742-4dff-8ce8-9b0ca1073da8
Published At:14 Mar, 2025 | 09:24
Updated At:15 Mar, 2025 | 03:55
Rejected At:
▼CVE Numbering Authority (CNA)

An improper neutralization of input during web page Generation vulnerability [CWE-79] in FortiOS version 7.4.3 and below, version 7.2.7 and below, version 7.0.13 and below and FortiProxy version 7.4.3 and below, version 7.2.9 and below, version 7.0.16 and below web SSL VPN UI may allow a remote unauthenticated attacker to perform a Cross-Site Scripting attack via a malicious samba server.

Affected Products
Vendor
Fortinet, Inc.Fortinet
Product
FortiProxy
Default Status
unaffected
Versions
Affected
  • From 7.4.0 through 7.4.3 (semver)
  • From 7.2.0 through 7.2.9 (semver)
  • From 7.0.0 through 7.0.16 (semver)
Vendor
Fortinet, Inc.Fortinet
Product
FortiOS
CPEs
  • cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*
Default Status
unaffected
Versions
Affected
  • From 7.4.0 through 7.4.3 (semver)
  • From 7.2.0 through 7.2.7 (semver)
  • From 7.0.0 through 7.0.13 (semver)
  • From 6.4.0 through 6.4.15 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-79Execute unauthorized code or commands
Type: CWE
CWE ID: CWE-79
Description: Execute unauthorized code or commands
Metrics
VersionBase scoreBase severityVector
3.16.9MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:X/RC:X
Version: 3.1
Base score: 6.9
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:X/RC:X
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Please upgrade to FortiProxy version 7.4.4 or above Please upgrade to FortiProxy version 7.2.10 or above Please upgrade to FortiProxy version 7.0.17 or above Please upgrade to FortiOS version 7.4.4 or above Please upgrade to FortiOS version 7.2.8 or above Please upgrade to FortiOS version 7.0.14 or above

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://fortiguard.fortinet.com/psirt/FG-IR-23-485
N/A
Hyperlink: https://fortiguard.fortinet.com/psirt/FG-IR-23-485
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@fortinet.com
Published At:14 Mar, 2025 | 10:15
Updated At:14 Mar, 2025 | 10:15

An improper neutralization of input during web page Generation vulnerability [CWE-79] in FortiOS version 7.4.3 and below, version 7.2.7 and below, version 7.0.13 and below and FortiProxy version 7.4.3 and below, version 7.2.9 and below, version 7.0.16 and below web SSL VPN UI may allow a remote unauthenticated attacker to perform a Cross-Site Scripting attack via a malicious samba server.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CPE Matches

Weaknesses
CWE IDTypeSource
CWE-79Primarypsirt@fortinet.com
CWE ID: CWE-79
Type: Primary
Source: psirt@fortinet.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://fortiguard.fortinet.com/psirt/FG-IR-23-485psirt@fortinet.com
N/A
Hyperlink: https://fortiguard.fortinet.com/psirt/FG-IR-23-485
Source: psirt@fortinet.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

118Records found

CVE-2020-1607
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-7.5||HIGH
EPSS-0.34% / 55.77%
||
7 Day CHG~0.00%
Published-15 Jan, 2020 | 08:40
Updated-16 Sep, 2024 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: Cross-Site Scripting (XSS) in J-Web

Insufficient Cross-Site Scripting (XSS) protection in J-Web may potentially allow a remote attacker to inject web script or HTML, hijack the target user's J-Web session and perform administrative actions on the Junos device as the targeted user. This issue affects Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S15; 12.3X48 versions prior to 12.3X48-D86, 12.3X48-D90 on SRX Series; 14.1X53 versions prior to 14.1X53-D51 on EX and QFX Series; 15.1F6 versions prior to 15.1F6-S13; 15.1 versions prior to 15.1R7-S5; 15.1X49 versions prior to 15.1X49-D181, 15.1X49-D190 on SRX Series; 15.1X53 versions prior to 15.1X53-D238 on QFX5200/QFX5110 Series; 15.1X53 versions prior to 15.1X53-D592 on EX2300/EX3400 Series; 16.1 versions prior to 16.1R4-S13, 16.1R7-S5; 16.2 versions prior to 16.2R2-S10; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R1-S9, 17.2R3-S2; 17.3 versions prior to 17.3R2-S5, 17.3R3-S5; 17.4 versions prior to 17.4R2-S6, 17.4R3; 18.1 versions prior to 18.1R3-S7; 18.2 versions prior to 18.2R2-S5, 18.2R3; 18.3 versions prior to 18.3R1-S6, 18.3R2-S1, 18.3R3; 18.4 versions prior to 18.4R1-S5, 18.4R2; 19.1 versions prior to 19.1R1-S2, 19.1R2.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-srx345qfx3600srx5800srx110qfx5210srx220qfx5110ex3400qfx3000-gsrx5400ex4650srx100srx3400srx300srx550qfx5200junossrx210qfx3100srx1500qfx3000-mqfx3500srx4200srx340qfx10008qfx10002ex9200qfx3008-isrx4100qfx3600-isrx240srx3600qfx10016qfx5100ex4300ex9250ex2300srx1400ex4600srx320srx5600ex2300-csrx650srx4600Junos OS
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-42967
Matching Score-4
Assigner-JFrog
ShareView Details
Matching Score-4
Assigner-JFrog
CVSS Score-7.5||HIGH
EPSS-0.11% / 29.41%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 00:00
Updated-08 Apr, 2025 | 14:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
XSS in Caret markdown editor leads to remote code execution when viewing crafted Markdown files

Caret is vulnerable to an XSS attack when the user opens a crafted Markdown file when preview mode is enabled. This directly leads to client-side code execution.

Action-Not Available
Vendor-caretcareteditor
Product-caretcaret
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-1430
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.5||HIGH
EPSS-0.42% / 61.15%
||
7 Day CHG+0.03%
Published-18 May, 2022 | 10:00
Updated-03 Aug, 2024 | 00:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cross-site Scripting (XSS) - DOM in octoprint/octoprint

Cross-site Scripting (XSS) - DOM in GitHub repository octoprint/octoprint prior to 1.8.0.

Action-Not Available
Vendor-octoprintoctoprint
Product-octoprintoctoprint/octoprint
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2024-27133
Matching Score-4
Assigner-JFrog
ShareView Details
Matching Score-4
Assigner-JFrog
CVSS Score-7.5||HIGH
EPSS-0.29% / 51.83%
||
7 Day CHG~0.00%
Published-23 Feb, 2024 | 22:00
Updated-22 Jan, 2025 | 13:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insufficient sanitization in MLflow leads to XSS when running a recipe that uses an untrusted dataset.

Insufficient sanitization in MLflow leads to XSS when running a recipe that uses an untrusted dataset. This issue leads to a client-side RCE when running the recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over dataset table fields.

Action-Not Available
Vendor-lfprojectslfprojects
Product-mlflowmlflow
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2024-27132
Matching Score-4
Assigner-JFrog
ShareView Details
Matching Score-4
Assigner-JFrog
CVSS Score-7.5||HIGH
EPSS-0.26% / 48.70%
||
7 Day CHG~0.00%
Published-23 Feb, 2024 | 21:58
Updated-22 Jan, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe.

Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe. This issue leads to a client-side RCE when running an untrusted recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over template variables.

Action-Not Available
Vendor-lfprojectslfprojects
Product-mlflowmlflow
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2024-25639
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.30% / 52.93%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 14:24
Updated-22 Aug, 2024 | 14:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Prompt Injection triggered XSS vulnerability in Khoj Obsidian, Desktop and Web clients

Khoj is an application that creates personal AI agents. The Khoj Obsidian, Desktop and Web clients inadequately sanitize the AI model's response and user inputs. This can trigger Cross Site Scripting (XSS) via Prompt Injection from untrusted documents either indexed by the user on Khoj or read by Khoj from the internet when the user invokes the /online command. This vulnerability is fixed in 1.13.0.

Action-Not Available
Vendor-khojkhoj-aikhojai
Product-khojkhojkhoj
CWE ID-CWE-80
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-1474
Matching Score-4
Assigner-Progress Software Corporation
ShareView Details
Matching Score-4
Assigner-Progress Software Corporation
CVSS Score-7.5||HIGH
EPSS-0.07% / 21.20%
||
7 Day CHG~0.00%
Published-21 Feb, 2024 | 15:33
Updated-02 Jan, 2025 | 13:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WS_FTP Server Reflected Cross-Site Scripting in Administrative Interface

In WS_FTP Server versions before 8.8.5, reflected cross-site scripting issues have been identified on various user supplied inputs on the WS_FTP Server administrative interface.

Action-Not Available
Vendor-Progress Software Corporation
Product-ws_ftp_serverWS_FTP Server
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-39178
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.70% / 71.07%
||
7 Day CHG~0.00%
Published-30 Aug, 2021 | 23:55
Updated-04 Aug, 2024 | 01:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
XSS in Image Optimization API for Next.js versions between 10.0.0 and 11.1.0

Next.js is a React framework. Versions of Next.js between 10.0.0 and 11.0.0 contain a cross-site scripting vulnerability. In order for an instance to be affected by the vulnerability, the `next.config.js` file must have `images.domains` array assigned and the image host assigned in `images.domains` must allow user-provided SVG. If the `next.config.js` file has `images.loader` assigned to something other than default or the instance is deployed on Vercel, the instance is not affected by the vulnerability. The vulnerability is patched in Next.js version 11.1.1.

Action-Not Available
Vendor-vercelvercel
Product-next.jsnext.js
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-3043
Matching Score-4
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Palo Alto Networks, Inc.
CVSS Score-7.5||HIGH
EPSS-0.16% / 37.44%
||
7 Day CHG~0.00%
Published-15 Jul, 2021 | 16:45
Updated-17 Sep, 2024 | 01:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Prisma Cloud: Cross-Site Scripting (XSS) Vulnerability in Prisma Cloud Compute Web Console

A reflected cross-site scripting (XSS) vulnerability exists in the Prisma Cloud Compute web console that enables a remote attacker to execute arbitrary JavaScript code in the browser-based web console while an authenticated administrator is using that web interface. Prisma Cloud Compute SaaS versions were automatically upgraded to the fixed release. No additional action is required for these instances. This issue impacts: Prisma Cloud Compute 20.12 versions earlier than Prisma Cloud Compute 20.12.552; Prisma Cloud Compute 21.04 versions earlier than Prisma Cloud Compute 21.04.439.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-prisma_cloudPrisma Cloud Compute
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-29625
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-69.25% / 98.58%
||
7 Day CHG~0.00%
Published-19 May, 2021 | 21:35
Updated-03 Aug, 2024 | 22:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
XSS in doc_link

Adminer is open-source database management software. A cross-site scripting vulnerability in Adminer versions 4.6.1 to 4.8.0 affects users of MySQL, MariaDB, PgSQL and SQLite. XSS is in most cases prevented by strict CSP in all modern browsers. The only exception is when Adminer is using a `pdo_` extension to communicate with the database (it is used if the native extensions are not enabled). In browsers without CSP, Adminer versions 4.6.1 to 4.8.0 are affected. The vulnerability is patched in version 4.8.1. As workarounds, one can use a browser supporting strict CSP or enable the native PHP extensions (e.g. `mysqli`) or disable displaying PHP errors (`display_errors`).

Action-Not Available
Vendor-Adminer
Product-admineradminer
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-28716
Matching Score-4
Assigner-F5, Inc.
ShareView Details
Matching Score-4
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-1.23% / 78.29%
||
7 Day CHG~0.00%
Published-05 May, 2022 | 16:41
Updated-17 Sep, 2024 | 02:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x 11.6.x, a DOM-based cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP AFM, CGNAT, and PEM Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_policy_enforcement_managerbig-ip_advanced_firewall_managerbig-ip_carrier-grade_natBIG-IP
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2023-46251
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.71% / 71.33%
||
7 Day CHG~0.00%
Published-06 Nov, 2023 | 17:41
Updated-04 Sep, 2024 | 19:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Visual editor persistent Cross-site Scripting (XSS) in MyBB

MyBB is a free and open source forum software. Custom MyCode (BBCode) for the visual editor (_SCEditor_) doesn't escape input properly when rendering HTML, resulting in a DOM-based XSS vulnerability. This weakness can be exploited by pointing a victim to a page where the visual editor is active (e.g. as a post or Private Message) and operates on a maliciously crafted MyCode message. This may occur on pages where message content is pre-filled using a GET/POST parameter, or on reply pages where a previously saved malicious message is quoted. The impact is be mitigated when: 1. the visual editor is disabled globally (_Admin CP → Configuration → Settings → Clickable Smilies and BB Code: [Clickable MyCode Editor](https://github.com/mybb/mybb/blob/mybb_1836/install/resources/settings.xml#L2087-L2094)_ is set to _Off_), or 2. the visual editor is disabled for individual user accounts (_User CP → Your Profile → Edit Options_: _Show the MyCode formatting options on the posting pages_ checkbox is not checked). MyBB 1.8.37 resolves this issue with the commit `6dcaf0b4d`. Users are advised to upgrade. Users unable to upgrade may mitigate the impact without upgrading MyBB by changing the following setting (_Admin CP → Configuration → Settings_): - _Clickable Smilies and BB Code → [Clickable MyCode Editor](https://github.com/mybb/mybb/blob/mybb_1836/install/resources/settings.xml#L2087-L2094)_: _Off_. Similarly, individual MyBB forum users are able to disable the visual editor by diabling the account option (_User CP → Your Profile → Edit Options_) _Show the MyCode formatting options on the posting pages_.

Action-Not Available
Vendor-MyBB
Product-mybbmybbmybb
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-27230
Matching Score-4
Assigner-F5, Inc.
ShareView Details
Matching Score-4
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.73% / 71.87%
||
7 Day CHG~0.00%
Published-05 May, 2022 | 16:09
Updated-17 Sep, 2024 | 01:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP APM, and F5 BIG-IP Guided Configuration (GC) all versions prior to 9.0, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of F5 BIG-IP Guided Configuration that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_access_policy_managerbig-ip_guided_configurationBIG-IP APMBIG-IP Guided Configuration (GC)
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-27561
Matching Score-4
Assigner-HCL Software
ShareView Details
Matching Score-4
Assigner-HCL Software
CVSS Score-7.5||HIGH
EPSS-0.45% / 62.80%
||
7 Day CHG~0.00%
Published-15 Sep, 2022 | 21:50
Updated-16 Sep, 2024 | 20:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL Traveler is susceptible to a Reflected Cross-Site Scripting vulnerability in the web admin (LotusTraveler.nsf)

There is a reflected Cross-Site Scripting vulnerability in the HCL Traveler web admin (LotusTraveler.nsf).

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-travelerHCL Traveler
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-20222
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.51% / 65.43%
||
7 Day CHG~0.00%
Published-23 Mar, 2021 | 16:36
Updated-03 Aug, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in keycloak. The new account console in keycloak can allow malicious code to be executed using the referrer URL. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-keycloakkeycloak
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-5398
Matching Score-4
Assigner-VMware by Broadcom
ShareView Details
Matching Score-4
Assigner-VMware by Broadcom
CVSS Score-8||HIGH
EPSS-90.84% / 99.61%
||
7 Day CHG~0.00%
Published-16 Jan, 2020 | 23:55
Updated-16 Sep, 2024 | 17:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
RFD Attack via "Content-Disposition" Header Sourced from Request Input by Spring MVC or Spring WebFlux Application

In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input.

Action-Not Available
Vendor-VMware (Broadcom Inc.)NetApp, Inc.Oracle Corporation
Product-communications_diameter_signaling_routerretail_bulk_data_integrationcommunications_billing_and_revenue_management_elastic_charging_engineretail_central_officeretail_back_officesiebel_engineering_-_installer_\&_deploymentretail_service_backbonecommunications_session_route_managerretail_assortment_planningcommunications_session_report_managercommunications_policy_managementhealthcare_master_person_indexcommunications_cloud_native_core_policysnapcenterretail_point-of-serviceinsurance_policy_administration_j2eeretail_order_brokerapplication_testing_suiteretail_predictive_application_serverdata_availability_servicesinsurance_rules_paletterapid_planningretail_financial_integrationflexcube_private_bankingretail_integration_busretail_returns_managementspring_frameworkfinancial_services_regulatory_reporting_with_agilereporterweblogic_serverinsurance_calculation_engineenterprise_manager_base_platformcommunications_element_managermysqlSpring Framework
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE ID-CWE-494
Download of Code Without Integrity Check
CVE-2023-38138
Matching Score-4
Assigner-F5, Inc.
ShareView Details
Matching Score-4
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.52% / 65.83%
||
7 Day CHG~0.00%
Published-02 Aug, 2023 | 15:55
Updated-27 Sep, 2024 | 21:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP Configuration utility vulnerability

A reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility which allows an attacker to run JavaScript in the context of the currently logged-in user.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_webacceleratorbig-ip_ssl_orchestratorbig-ip_application_acceleration_managerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_local_traffic_managerbig-ip_analyticsbig-ip_domain_name_systembig-ip_application_security_managerbig-ip_edge_gatewaybig-ip_advanced_web_application_firewallbig-ip_carrier-grade_natbig-ip_link_controllerbig-ip_application_visibility_and_reportingbig-ip_access_policy_managerbig-ip_websafebig-ip_advanced_firewall_managerbig-ip_ddos_hybrid_defenderBIG-IP
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2023-27378
Matching Score-4
Assigner-F5, Inc.
ShareView Details
Matching Score-4
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.35% / 56.99%
||
7 Day CHG~0.00%
Published-03 May, 2023 | 14:33
Updated-29 Jan, 2025 | 21:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP TMUI XSS vulnerability

Multiple reflected cross-site scripting (XSS) vulnerabilities exist in undisclosed pages of the BIG-IP Configuration utility which allow an attacker to run JavaScript in the context of the currently logged-in user.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_webacceleratorbig-ip_ssl_orchestratorbig-ip_application_acceleration_managerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_local_traffic_managerbig-ip_analyticsbig-ip_domain_name_systembig-ip_application_security_managerbig-ip_edge_gatewaybig-ip_advanced_web_application_firewallbig-ip_carrier-grade_natbig-ip_link_controllerbig-ip_application_visibility_and_reportingbig-ip_access_policy_managerbig-ip_websafebig-ip_advanced_firewall_managerbig-ip_ddos_hybrid_defenderBIG-IP
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found