Skip to main content
CVE-2023-0949 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Reflected in GitHub repository modoboa/modoboa prior to 2.0.5. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Modoboa
NVD GitHub
CVSS 3.1
4.8
EPSS
0.5%
CVE-2023-24811 MEDIUM PATCH This Month

Misskey is an open source, decentralized social media platform. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Misskey
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-24810 MEDIUM This Month

Misskey is an open source, decentralized social media platform. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Misskey
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-25154 MEDIUM This Month

Misskey is an open source, decentralized social media platform. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Misskey
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-0846 MEDIUM PATCH This Month

Unauthenticated, stored cross-site scripting in the display of alarm reduction keys in multiple versions of OpenNMS Horizon and Meridian could allow an attacker access to confidential session. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Horizon Meridian
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-23039 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 6.2.0-rc2. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required.

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.7
EPSS
0.2%
CVE-2023-26302 MEDIUM PATCH This Month

Denial of service could be caused to the command line interface of markdown-it-py, before v2.2.0, if an attacker was allowed to use invalid UTF-8 characters as input. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Markdown It Py
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-22972 MEDIUM PATCH This Month

A Reflected Cross-site scripting (XSS) vulnerability in interface/forms/eye_mag/php/eye_mag_functions.php in OpenEMR < 7.0.0 allows remote authenticated users to inject arbitrary web script or HTML. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

PHP XSS Openemr
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-26214 MEDIUM This Month

The BusinessConnect UI component of TIBCO Software Inc.'s TIBCO BusinessConnect contains easily exploitable Reflected Cross Site Scripting (XSS) vulnerabilities that allow a low privileged attacker. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Businessconnect
NVD
CVSS 3.1
5.4
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy