Skip to main content
CVE-2023-23647 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Team Member Team With Slider
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-23862 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Vertical Scroll Recent Post
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-23664 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Convertbox Auto Embed
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-31407 MEDIUM This Month

SAP Business Planning and Consolidation - versions 740, 750, allows an authorized attacker to upload a malicious file, resulting in Cross-Site Scripting vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP XSS Business Planning And Consolidation
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-29188 MEDIUM This Month

SAP CRM WebClient UI - versions SAPSCORE 129, S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, S4FND 107, WEBCUIF 701, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP XSS Customer Relationship Management Webclient Ui S4Fnd Sapscore
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-28318 MEDIUM This Month

A vulnerability has been discovered in Rocket.Chat, where messages can be hidden regardless of the Message_KeepHistory or Message_ShowDeletedStatus server configuration. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Rocket Chat
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2023-28317 MEDIUM This Month

A vulnerability has been discovered in Rocket.Chat, where editing messages can change the original timestamp, causing the UI to display messages in an incorrect order. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Rocket Chat
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2023-28290 MEDIUM This Month

Microsoft Remote Desktop app for Windows Information Disclosure Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Microsoft Remote Desktop App
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2023-29107 MEDIUM PATCH This Month

A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Path Traversal Information Disclosure 6Gk1411 1Ac00 Firmware 6Gk1411 5Ac00 Firmware
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-31404 MEDIUM This Month

Under certain conditions, SAP BusinessObjects Business Intelligence Platform (Central Management Service) - versions 420, 430, allows an attacker to access information which would otherwise be. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Information Disclosure Businessobjects Business Intelligence
NVD
CVSS 3.1
5.0
EPSS
0.5%
CVE-2023-31805 MEDIUM This Month

Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local authenticated attacker to execute arbitrary code via the homepage function. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS RCE Chamilo Lms
NVD VulDB
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-31803 MEDIUM This Month

Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the resource sequencing parameters. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS RCE Chamilo Lms
NVD VulDB
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-31799 MEDIUM This Month

Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the system annnouncements parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS RCE Chamilo Lms
NVD VulDB
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-24372 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Simple Custom Author Profiles
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-23884 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Kanban Boards For Wordpress
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-23883 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Wp Content Filter Censor All Offensive Content From Your Site
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-23734 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Userlike
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-23733 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Lazy Social Comments
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-23732 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Disqus Conditional Load
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-23793 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Read More Without Refresh
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-23863 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Treepress
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-29103 MEDIUM PATCH This Month

A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC712 (All versions < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >=. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass 6Gk1411 1Ac00 Firmware 6Gk1411 5Ac00 Firmware
NVD
CVSS 3.1
4.3
EPSS
0.4%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy