CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities (CVSS score between 3 and 3.99)

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
51 CVE-2021-41173 2021-10-26 2021-10-28
3.5
None Remote Medium ??? None None Partial
Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.9, a vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer. Version v1.10.9 contains patches to the vulnerability. There are no known workarounds aside from upgrading.
52 CVE-2021-41172 79 Exec Code XSS 2021-10-26 2021-10-27
3.5
None Remote Medium ??? None Partial None
AS_Redis is an AntSword plugin for Redis. The Redis Manage plugin for AntSword prior to version 0.5 is vulnerable to Self-XSS due to insufficient input validation and sanitization via the Redis server configuration. Self-XSS in the plugin configuration leads to code execution. This issue is patched in version 0.5.
53 CVE-2021-41169 79 XSS 2021-10-21 2021-10-27
3.5
None Remote Medium ??? None Partial None
Sulu is an open-source PHP content management system based on the Symfony framework. Versions before 1.6.43 are subject to stored cross-site scripting attacks. HTML input into tag names is not properly sanitized. Only admin users are allowed to create tags. Users are advised to upgrade.
54 CVE-2021-41165 79 XSS Bypass 2021-11-17 2021-11-23
3.5
None Remote Medium ??? None Partial None
CKEditor4 is an open source WYSIWYG HTML editor. In affected versions a vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. The vulnerability allowed injecting malformed comment HTML, bypassing content sanitization, which could result in executing JavaScript code. It affects all users using CKEditor 4 at version < 4.17.0. The problem has been recognized and patched. The fix will be available in version 4.17.0.
55 CVE-2021-41164 79 XSS Bypass 2021-11-17 2021-11-19
3.5
None Remote Medium ??? None Partial None
CKEditor4 is an open source WYSIWYG HTML editor. In affected versions a vulnerability has been discovered in the Advanced Content Filter (ACF) module and may affect all plugins used by CKEditor 4. The vulnerability allowed injecting malformed HTML, bypassing content sanitization, which could result in executing JavaScript code. It affects all users using CKEditor 4 at version < 4.17.0. The problem has been recognized and patched. The fix will be available in version 4.17.0.
56 CVE-2021-41156 79 XSS 2021-10-18 2021-10-22
3.5
None Remote Medium ??? None Partial None
anuko/timetracker is an open source time tracking system. In affected versions Time Tracker uses the browser_today hidden control on a few pages to collect today's date from user browsers. Because this parameter was not checked for sanity in versions prior to 1.19.30.5601, it was possible to craft an HTML form with malicious JavaScript, use social engineering to convince logged-on users to execute a POST from such a form, and have the attacker-supplied JavaScript executed in the user's browser. This has been patched in version 1.19.30.5600. Upgrade is recommended. If it is not practical, introduce the ttValidDbDateFormatDate function as in the latest version and add a call to it within the access checks block.
57 CVE-2021-41150 22 Dir. Trav. 2021-10-19 2021-10-26
3.5
None Remote Medium ??? None Partial None
Tough provides a set of Rust libraries and tools for using and generating the update framework (TUF) repositories. The tough library, prior to 0.12.0, does not properly sanitize delegated role names when caching a repository, or when loading a repository from the filesystem. When the repository is cached or loaded, files ending with the .json extension could be overwritten with role metadata anywhere on the system. A fix is available in version 0.12.0. No workarounds to this issue are known.
58 CVE-2021-41142 79 Exec Code XSS 2021-10-14 2021-10-20
3.5
None Remote Medium ??? None Partial None
Tuleap Open ALM is a libre and open source tool for end-to-end traceability of application and system developments. There is a cross-site scripting vulnerability in Tuleap Community Edition prior to 12.11.99.25 and Tuleap Enterprise Edition 12.11-2. A malicious user with the capability to add and remove attachments to an artifact could force a victim to execute uncontrolled code. Tuleap Community Edition 11.17.99.146 and Tuleap Enterprise Edition 12.11-2 contain a fix for the issue.
59 CVE-2021-41136 444 2021-10-12 2021-10-27
3.6
None Remote High ??? Partial Partial None
Puma is an HTTP 1.1 server for Ruby/Rack applications. Prior to versions 5.5.1 and 4.3.9, using `puma` with a proxy which forwards HTTP header values which contain the LF character could allow HTTP request smuggling. A client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. The only proxy which has this behavior, as far as the Puma team is aware, is Apache Traffic Server. If the proxy uses persistent connections and the client adds another request via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This vulnerability was patched in Puma 5.5.1 and 4.3.9. As a workaround, do not use Apache Traffic Server with `puma`.
60 CVE-2021-41134 79 XSS 2021-11-03 2021-11-05
3.5
None Remote Medium ??? None Partial None
nbdime provides tools for diffing and merging of Jupyter Notebooks. In affected versions a stored cross-site scripting (XSS) issue exists within the Jupyter-owned nbdime project. It appears that when reading the file name and path from disk, the extension does not sanitize the string it constructs before returning it to be displayed. The diffNotebookCheckpoint function within nbdime causes this issue. When attempting to display the name of the local notebook (diffNotebookCheckpoint), nbdime appears to simply append .ipynb to the name of the input file. The NbdimeWidget is then created, and the base string is passed through to the request API function. From there, the frontend simply renders the HTML tag and anything along with it. Users are advised to patch to the most recent version of the affected product.
61 CVE-2021-41101 79 XSS 2021-09-30 2021-10-07
3.5
None Remote Medium ??? Partial None None
wire-server is an open-source back end for Wire, a secure collaboration platform. Before version 2.106.0, the CORS `Access-Control-Allow-Origin` header set by `nginz` is set for all subdomains of `.wire.com` (including `wire.com`). This means that if somebody were to find an XSS vector in any of the subdomains, they could use it to talk to the Wire API using the user's cookie. A patch does not exist, but a workaround does. To make sure that a compromise of one subdomain does not yield access to the cookie of another, one may limit the `Access-Control-Allow-Origin` header to apps that actually require the cookie (account-pages, team-settings and the webapp).
62 CVE-2021-41086 79 XSS 2021-09-21 2021-09-29
3.5
None Remote Medium ??? None Partial None
jsuites is an open source collection of common required javascript web components. In affected versions users are subject to cross site scripting (XSS) attacks via clipboard content. jsuites is vulnerable to DOM based XSS if the user can be tricked into copying _anything_ from a malicious and pasting it into the html editor. This is because a part of the clipboard content is directly written to `innerHTML` allowing for javascript injection and thus XSS. Users are advised to update to version 4.9.11 to resolve.
63 CVE-2021-41057 59 2021-11-14 2021-11-17
3.6
None Local Low Not required None Partial Partial
In WIBU CodeMeter Runtime before 7.30a, creating a crafted CmDongles symbolic link will overwrite the linked file without checking permissions.
64 CVE-2021-40966 79 XSS 2021-09-15 2021-09-27
3.5
None Remote Medium ??? None Partial None
A Stored XSS exists in TinyFileManager, all versions up to and including 2.4.6, in /tinyfilemanager.php when the server is given a file that contains HTML and JavaScript in its name. A malicious user can upload a file with a malicious filename containing JavaScript code, and it will run in any user's browser when they access the server.
65 CVE-2021-40888 79 Exec Code XSS 2021-10-11 2021-10-18
3.5
None Remote Medium ??? None Partial None
Projectsend version r1295 is affected by Cross Site Scripting (XSS) due to lack of sanitization when echoing output data in the returnFilesIds() function. A low-privilege user can call this function through the process.php file and execute scripting code.
66 CVE-2021-40711 79 Exec Code XSS 2021-09-27 2021-11-18
3.5
None Remote Medium ??? None Partial None
Adobe Experience Manager version 6.5.9.0 (and earlier) is affected by a stored XSS vulnerability when creating Content Fragments. An authenticated attacker can send a malformed POST request to achieve arbitrary code execution. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
67 CVE-2021-40577 79 XSS 2021-11-08 2021-12-01
3.5
None Remote Medium ??? None Partial None
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 in the Add-Users page via the Name parameter.
68 CVE-2021-40517 79 XSS 2021-11-10 2021-11-12
3.5
None Remote Medium ??? None Partial None
Airangel HSMX Gateway devices through 5.2.04 are vulnerable to stored Cross Site Scripting. The XSS payload is placed in the name column of the updates table using database access.
69 CVE-2021-40509 79 XSS 2021-09-04 2021-09-09
3.5
None Remote Medium ??? None Partial None
ViewCommon.java in JForum2 2.7.0 allows XSS via a user signature.
70 CVE-2021-40484 2021-10-13 2021-10-19
3.5
None Remote Medium ??? None Partial None
Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-40483.
71 CVE-2021-40483 2021-10-13 2021-10-19
3.5
None Remote Medium ??? None Partial None
Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-40484.
72 CVE-2021-40440 79 XSS 2021-09-15 2021-09-24
3.5
None Remote Medium ??? None Partial None
Microsoft Dynamics Business Central Cross-site Scripting Vulnerability
73 CVE-2021-40377 79 XSS 2021-09-08 2021-09-14
3.5
None Remote Medium ??? None Partial None
SmarterTools SmarterMail 16.x before build 7866 has stored XSS. The application fails to sanitize email content, thus allowing one to inject HTML and/or JavaScript into a page that will then be processed and stored by the application.
74 CVE-2021-40310 79 XSS 2021-09-24 2021-09-30
3.5
None Remote Medium ??? None Partial None
OpenSIS Community Edition version 8.0 is affected by a cross-site scripting (XSS) vulnerability in the TakeAttendance.php via the cp_id_miss_attn parameter.
75 CVE-2021-40292 79 XSS 2021-10-12 2021-10-19
3.5
None Remote Medium ??? None Partial None
A Stored Cross Site Scripting (XSS) vulnerability exists in DzzOffice 2.02.1 via the settingnew parameter.
76 CVE-2021-40223 79 XSS 2021-09-09 2021-09-22
3.5
None Remote Medium ??? None Partial None
Rittal CMC PU III Web management (version V3.11.00_2) fails to sanitize user input on several parameters of the configuration (User Configuration dialog, Task Configuration dialog and set logging filter dialog). This allows an attacker to backdoor the device with HTML and browser-interpreted content (such as JavaScript or other client-side scripts). The XSS payload will be triggered when the user accesses some specific sections of the application.
77 CVE-2021-40214 79 XSS 2021-09-13 2021-09-22
3.5
None Remote Medium ??? None Partial None
Gibbon v22.0.00 suffers from a stored XSS vulnerability within the wall messages component.
78 CVE-2021-40191 79 XSS 2021-10-11 2021-10-18
3.5
None Remote Medium ??? None Partial None
Dzzoffice Version 2.02.1 is affected by cross-site scripting (XSS) due to a lack of sanitization of input data in all upload functions in webroot/dzz/attach/Uploader.class.php, and because webroot/dzz/attach/controller.php returns a wrong Content-Type for the output data.
79 CVE-2021-40131 79 Exec Code XSS 2021-11-19 2021-11-23
3.5
None Remote Medium ??? None Partial None
A vulnerability in the web-based management interface of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input that is processed by the web-based management interface. An attacker could exploit this vulnerability by adding malicious code to the configuration by using the web-based management interface. A successful exploit could allow the attacker to execute arbitrary code in the context of the interface or access sensitive, browser-based information.
80 CVE-2021-40121 79 XSS 2021-10-21 2021-10-25
3.5
None Remote Medium ??? None Partial None
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. For more information about these vulnerabilities, see the Details section of this advisory.
81 CVE-2021-40100 79 XSS 2021-09-24 2021-09-30
3.5
None Remote Medium ??? None Partial None
An issue was discovered in Concrete CMS through 8.5.5. Stored XSS can occur in Conversations when the Active Conversation Editor is set to Rich Text.
82 CVE-2021-40086 668 2021-08-25 2021-09-07
3.5
None Remote Medium ??? Partial None None
An issue was discovered in PrimeKey EJBCA before 7.6.0. As part of the configuration of the aliases for SCEP, CMP, EST, and Auto-enrollment, the enrollment secret was reflected on a page (that can only be viewed by an administrator). While hidden from direct view, checking the page source would reveal the secret.
83 CVE-2021-40066 732 2021-09-16 2021-11-29
3.5
None Remote Medium ??? Partial None None
The access controls on the Mobility read-only API improperly validate user access permissions. Attackers with both network access to the API and valid credentials can read data from it, regardless of access control group membership settings. This vulnerability is fixed in Mobility v11.76 and Mobility v12.14.
84 CVE-2021-39909 347 Bypass 2021-11-05 2021-11-08
3.5
None Remote Medium ??? None Partial None
Lack of email address ownership verification in the CODEOWNERS feature in all versions of GitLab EE since version 11.3 allows an attacker to bypass the CODEOWNERS Merge Request approval requirement under rare circumstances.
85 CVE-2021-39887 79 Exec Code XSS 2021-10-05 2021-10-08
3.5
None Remote Medium ??? None Partial None
A stored Cross-Site Scripting vulnerability in the GitLab Flavored Markdown in GitLab CE/EE version 8.4 and above allowed an attacker to execute arbitrary JavaScript code on the victim's behalf.
86 CVE-2021-39885 79 Exec Code XSS 2021-10-04 2021-10-12
3.5
None Remote Medium ??? None Partial None
A Stored XSS in the merge request creation page in GitLab EE version 13.5 and above allows an attacker to execute arbitrary JavaScript code on the victim's behalf via malicious approval rule names.
87 CVE-2021-39881 2021-10-05 2021-10-09
3.5
None Remote Medium ??? None Partial None
In all versions of GitLab CE/EE since version 7.7, the application may let a malicious user create an OAuth client application with arbitrary scope names which may allow the malicious user to trick unsuspecting users to authorize the malicious client application using the spoofed scope name and description.
88 CVE-2021-39878 79 Exec Code XSS 2021-10-05 2021-10-12
3.5
None Remote Medium ??? None Partial None
A stored Reflected Cross-Site Scripting vulnerability in the Jira integration in GitLab version 13.0 up to 14.3.1 allowed an attacker to execute arbitrary javascript code.
89 CVE-2021-39609 79 XSS 2021-08-23 2021-08-30
3.5
None Remote Medium ??? None Partial None
A Cross Site Scripting (XSS) vulnerability exists in FlatCore-CMS 2.0.7 via the upload image function.
90 CVE-2021-39496 79 XSS 2021-09-07 2021-09-09
3.5
None Remote Medium ??? None Partial None
Eyoucms 1.5.4 lacks sanitization of input data, allowing an attacker to inject malicious code into the `filename` param to trigger Reflected XSS.
91 CVE-2021-39486 79 XSS 2021-10-04 2021-10-12
3.5
None Remote Medium ??? None Partial None
A Stored XSS via Malicious File Upload exists in Gila CMS version 2.2.0. An attacker can use this to steal cookies, passwords or to run arbitrary code on a victim's browser.
92 CVE-2021-39404 79 XSS 2021-09-22 2021-09-29
3.5
None Remote Medium ??? None Partial None
MaianAffiliate v1.0 allows an authenticated administrative user to save an XSS to the database.
93 CVE-2021-39357 79 XSS 2021-10-21 2021-10-25
3.5
None Remote Medium ??? None Partial None
The Leaky Paywall WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via the ~/class.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 4.16.5. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.
94 CVE-2021-39356 79 XSS 2021-10-21 2021-10-27
3.5
None Remote Medium ??? None Partial None
The Content Staging WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and escaping via several parameters that are echoed out via the ~/templates/settings.php file, which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 2.0.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.
95 CVE-2021-39355 79 XSS 2021-10-19 2021-10-22
3.5
None Remote Medium ??? None Partial None
The Indeed Job Importer WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/indeed-job-importer/trunk/indeed-job-importer.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.0.5. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.
96 CVE-2021-39354 79 XSS 2021-10-21 2021-10-27
3.5
None Remote Medium ??? None Partial None
The Easy Digital Downloads WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the $start_date and $end_date parameters found in the ~/includes/admin/payments/class-payments-table.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.11.2.
97 CVE-2021-39348 80 XSS 2021-10-21 2021-10-27
3.5
None Remote Medium ??? None Partial None
The LearnPress WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping on the $custom_profile parameter found in the ~/inc/admin/views/backend-user-profile.php file, which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 4.1.3.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. Please note that this is separate from CVE-2021-24702.
98 CVE-2021-39343 79 XSS 2021-10-19 2021-10-22
3.5
None Remote Medium ??? None Partial None
The MPL-Publisher WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/libs/PublisherController.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.30.2. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.
99 CVE-2021-39329 79 XSS 2021-10-19 2021-10-22
3.5
None Remote Medium ??? None Partial None
The JobBoardWP WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/includes/admin/class-metabox.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.0.7. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.
100 CVE-2021-39328 79 XSS 2021-10-21 2021-10-27
3.5
None Remote Medium ??? None Partial None
The Simple Job Board WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping on the $job_board_privacy_policy_label variable echoed out via the ~/admin/settings/class-simple-job-board-settings-privacy.php file, which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 2.9.4. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.