Total
28961 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-50933 | 1 Ibm | 1 Powersc | 2024-02-02 | N/A | 6.1 MEDIUM |
| IBM PowerSC 1.3, 2.0, and 2.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 275113. | |||||
| CVE-2023-33786 | 1 Netbox Project | 1 Netbox | 2024-02-02 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in the Create Circuit Types (/circuits/circuit-types/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | |||||
| CVE-2023-33790 | 1 Netbox Project | 1 Netbox | 2024-02-02 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in the Create Locations (/dcim/locations/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | |||||
| CVE-2023-33787 | 1 Netbox Project | 1 Netbox | 2024-02-02 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in the Create Tenant Groups (/tenancy/tenant-groups/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | |||||
| CVE-2023-33785 | 1 Netbox Project | 1 Netbox | 2024-02-02 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in the Create Rack Roles (/dcim/rack-roles/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | |||||
| CVE-2023-33795 | 1 Netbox Project | 1 Netbox | 2024-02-02 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in the Create Contact Roles (/tenancy/contact-roles/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | |||||
| CVE-2019-25011 | 1 Netbox Project | 1 Netbox | 2024-02-02 | 3.5 LOW | 5.4 MEDIUM |
| NetBox through 2.6.2 allows an Authenticated User to conduct an XSS attack against an admin via a GFM-rendered field, as demonstrated by /dcim/sites/add/ comments. | |||||
| CVE-2023-33788 | 1 Netbox Project | 1 Netbox | 2024-02-02 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in the Create Providers (/circuits/providers/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | |||||
| CVE-2023-33797 | 1 Netbox Project | 1 Netbox | 2024-02-02 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in the Create Sites (/dcim/sites/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | |||||
| CVE-2023-33793 | 1 Netbox Project | 1 Netbox | 2024-02-02 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in the Create Power Panels (/dcim/power-panels/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | |||||
| CVE-2023-33792 | 1 Netbox Project | 1 Netbox | 2024-02-02 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in the Create Site Groups (/dcim/site-groups/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | |||||
| CVE-2023-33798 | 1 Netbox Project | 1 Netbox | 2024-02-02 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in the Create Rack (/dcim/rack/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | |||||
| CVE-2023-33794 | 1 Netbox Project | 1 Netbox | 2024-02-02 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in the Create Tenants (/tenancy/tenants/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | |||||
| CVE-2023-33791 | 1 Netbox Project | 1 Netbox | 2024-02-02 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in the Create Provider Accounts (/circuits/provider-accounts/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | |||||
| CVE-2023-33789 | 1 Netbox Project | 1 Netbox | 2024-02-02 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in the Create Contact Groups (/tenancy/contact-groups/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | |||||
| CVE-2023-33800 | 1 Netbox Project | 1 Netbox | 2024-02-02 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in the Create Regions (/dcim/regions/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | |||||
| CVE-2023-37625 | 1 Netbox Project | 1 Netbox | 2024-02-02 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in Netbox v3.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Link templates. | |||||
| CVE-2023-36234 | 1 Netbox | 1 Netbox | 2024-02-02 | N/A | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in Netbox 3.5.1, allows attackers to execute arbitrary code via Name field in device-roles/add function. | |||||
| CVE-2023-33799 | 1 Netbox Project | 1 Netbox | 2024-02-02 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in the Create Contacts (/tenancy/contacts/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. | |||||
| CVE-2023-44764 | 1 Concretecms | 1 Concrete Cms | 2024-02-02 | N/A | 5.4 MEDIUM |
| A Cross Site Scripting (XSS) vulnerability in Concrete CMS before 9.2.3 exists via the Name parameter during installation (aka Site of Installation or Settings). | |||||