CWE-CWE-79 CVE - Yack CVE

Filtered by CWE-79

Total 42233 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-45905	1 Openwrt	1 Openwrt	2024-11-21	3.5 LOW	5.4 MEDIUM
OpenWrt 21.02.1 allows XSS via the Traffic Rules Name screen.
CVE-2021-45904	1 Openwrt	1 Openwrt	2024-11-21	3.5 LOW	5.4 MEDIUM
OpenWrt 21.02.1 allows XSS via the Port Forwards Add Name screen.
CVE-2021-45903	1 Salesagility	1 Suitecrm	2024-11-21	4.3 MEDIUM	6.1 MEDIUM
A persistent cross-site scripting (XSS) issue in the web interface of SuiteCRM before 7.10.35, and 7.11.x and 7.12.x before 7.12.2, allows a remote attacker to introduce arbitrary JavaScript via attachments upload, a different vulnerability than CVE-2021-39267 and CVE-2021-39268.
CVE-2021-45895	1 Netgen	1 Tags Bundle	2024-11-21	4.3 MEDIUM	6.1 MEDIUM
Netgen Tags Bundle 3.4.x before 3.4.11 and 4.0.x before 4.0.15 allows XSS in the Tags Admin interface.
CVE-2021-45889	1 Ponton	1 X\/p Messenger	2024-11-21	3.5 LOW	5.4 MEDIUM
An issue was discovered in PONTON X/P Messenger before 3.11.2. Several functions are vulnerable to reflected XSS, as demonstrated by private/index.jsp?partners/ShowNonLocalPartners.do?localID= or private/index.jsp or private/index.jsp?database/databaseTab.jsp or private/index.jsp?activation/activationMainTab.jsp or private/index.jsp?communication/serverTab.jsp or private/index.jsp?emailNotification/notificationTab.jsp.
CVE-2021-45888	1 Ponton	1 X\/p Messenger	2024-11-21	3.5 LOW	4.8 MEDIUM
An issue was discovered in PONTON X/P Messenger before 3.11.2. The navigation tree that is shown on the left side of every page of the web application is vulnerable to XSS: it allows injection of JavaScript into its nodes. Creating such nodes is only possible for users who have the role Configuration Administrator or Administrator.
CVE-2021-45866	1 Student Attendance Management System Project	1 Student Attendance Management System	2024-11-21	3.5 LOW	5.4 MEDIUM
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Student Attendance Management System 1.0 via the couse filed in index.php.
CVE-2021-45843	1 Glfusion	1 Glfusion	2024-11-21	N/A	6.1 MEDIUM
glFusion CMS v1.7.9 is affected by a reflected Cross Site Scripting (XSS) vulnerability. The value of the title request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. This input was echoed unmodified in the application's response.
CVE-2021-45822	1 Btiteam	1 Xbtit	2024-11-21	4.3 MEDIUM	6.1 MEDIUM
A cross-site scripting vulnerability is present in Xbtit 3.1. The stored XSS vulnerability occurs because /ajaxchat/sendChatData.php does not properly validate the value of the "n" (POST) parameter. Through this vulnerability, an attacker is capable to execute malicious JavaScript code.
CVE-2021-45815	1 Quectel	2 Uc20, Uc20 Firmware	2024-11-21	4.3 MEDIUM	6.1 MEDIUM
Quectel UC20 UMTS/HSPA+ UC20 6.3.14 is affected by a Cross Site Scripting (XSS) vulnerability.
CVE-2021-45813	1 Slican	1 Webcti	2024-11-21	4.3 MEDIUM	6.1 MEDIUM
SLICAN WebCTI 1.01 2015 is affected by a Cross Site Scripting (XSS) vulnerability. The attacker can steal the user's session by injecting malicious JavaScript codes which leads to Session Hijacking and cause user's credentials theft.
CVE-2021-45812	1 Nuuo	2 Nvrsolo, Nvrsolo Firmware	2024-11-21	4.3 MEDIUM	6.1 MEDIUM
NUUO Network Video Recorder NVRsolo 3.9.1 is affected by a Cross Site Scripting (XSS) vulnerability. An attacker can steal the user's session by injecting malicious JavaScript codes which leads to session hijacking.
CVE-2021-45792	1 Slims	1 Senayan Library Management System	2024-11-21	3.5 LOW	4.8 MEDIUM
Slims9 Bulian 9.4.2 is affected by Cross Site Scripting (XSS) in /admin/modules/system/custom_field.php.
CVE-2021-45787	1 Maccms	1 Maccms	2024-11-21	3.5 LOW	5.4 MEDIUM
There is a stored Cross Site Scripting (XSS) vulnerability in maccms v10 through adding videos. XSS code can be inserted at parameter positions including name and remarks.
CVE-2021-45745	1 Bludit	1 Bludit	2024-11-21	3.5 LOW	5.4 MEDIUM
A Stored Cross Site Scripting (XSS) vulnerability exists in Bludit 3.13.1 via the About Plugin in login panel.
CVE-2021-45744	1 Bludit	1 Bludit	2024-11-21	3.5 LOW	5.4 MEDIUM
A Stored Cross Site Scripting (XSS) vulnerability exists in bludit 3.13.1 via the TAGS section in login panel.
CVE-2021-45721	1 Jfrog	1 Artifactory	2024-11-21	4.3 MEDIUM	6.1 MEDIUM
JFrog Artifactory prior to version 7.29.8 and 6.23.38 is vulnerable to Reflected Cross-Site Scripting (XSS) through one of the XHR parameters in Users REST API endpoint. This issue affects: JFrog JFrog Artifactory JFrog Artifactory versions before 7.36.1 versions prior to 7.29.8; JFrog Artifactory versions before 6.23.41 versions prior to 6.23.38.
CVE-2021-45677	1 Netgear	4 Gs108t, Gs108t Firmware, Gs110tp and 1 more	2024-11-21	4.3 MEDIUM	5.2 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects GS108Tv2 before 5.4.2.36 and GS110TPv2 before 5.4.2.36.
CVE-2021-45676	1 Netgear	10 Rax15, Rax15 Firmware, Rax20 and 7 more	2024-11-21	3.5 LOW	4.3 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects RAX200 before 1.0.5.126, RAX20 before 1.0.2.82, RAX80 before 1.0.5.126, RAX15 before 1.0.2.82, and RAX75 before 1.0.5.126.
CVE-2021-45675	1 Netgear	30 Ac2100, Ac2100 Firmware, Ac2400 and 27 more	2024-11-21	3.5 LOW	5.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects R6120 before 1.0.0.76, R6260 before 1.1.0.78, R6850 before 1.1.0.78, R6350 before 1.1.0.78, R6330 before 1.1.0.78, R6800 before 1.2.0.76, R6700v2 before 1.2.0.76, R6900v2 before 1.2.0.76, R7200 before 1.2.0.76, R7350 before 1.2.0.76, R7400 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, and AC2600 before 1.2.0.76.
CVE-2021-45674	1 Netgear	16 R7000, R7000 Firmware, R7900 and 13 more	2024-11-21	3.5 LOW	3.2 LOW
Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106.
CVE-2021-45673	1 Netgear	16 R6900p, R6900p Firmware, R7000 and 13 more	2024-11-21	3.5 LOW	4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RAX200 before 1.0.3.106, R7000P before 1.3.3.140, RAX80 before 1.0.3.106, R6900P before 1.3.3.140, and RAX75 before 1.0.3.106.
CVE-2021-45672	1 Netgear	40 Ac2100, Ac2100 Firmware, Ac2400 and 37 more	2024-11-21	3.5 LOW	4.2 MEDIUM
Certain NETGEAR devices are affected by Stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6120 before 1.0.0.76, R6220 before 1.1.0.110, R6230 before 1.1.0.110, R6260 before 1.1.0.78, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R6700v2 before 1.2.0.76, R6850 before 1.1.0.78, R7200 before 1.2.0.76, R7350 before 1.2.0.76, R7400 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, AC2600 befor ... Show More
CVE-2021-45671	1 Netgear	44 Cbr40, Cbr40 Firmware, Eax80 and 41 more	2024-11-21	3.5 LOW	6.5 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX80 before 1.0.1.62, EX7500 before 1.0.0.72, R7900 before 1.0.4.38, R8000 before 1.0.4.68, RAX200 before 1.0.4.120, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, MR60 before 1.0.6.110, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.4.120, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.4.120, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3 ... Show More
CVE-2021-45670	1 Netgear	60 Cbr40, Cbr40 Firmware, Eax20 and 57 more	2024-11-21	3.5 LOW	6.5 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7000 before 1.0.11.116, R7900 before 1.0.4.38, R8000 before 1.0.4.68, RAX200 before 1.0.3.106, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, EX3700 before 1.0.0.90, MR60 before 1.0.6.110, R7000P before 1.3.2.126, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, EX3800 befo ... Show More
CVE-2021-45669	1 Netgear	30 Mr60, Mr60 Firmware, Ms60 and 27 more	2024-11-21	3.5 LOW	3.7 LOW
Certain NETGEAR devices are affected by stored XSS. This affects RAX200 before 1.0.3.106, MR60 before 1.0.6.110, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.
CVE-2021-45668	1 Netgear	34 Eax20, Eax20 Firmware, Eax80 and 31 more	2024-11-21	3.5 LOW	6.5 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7960P before 1.4.1.66, R7900P before 1.4.1.66, R8000P before 1.4.1.66, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.72, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106.
CVE-2021-45667	1 Netgear	56 Cbr40, Cbr40 Firmware, Eax20 and 53 more	2024-11-21	3.5 LOW	6.5 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7960P before 1.4.1.66, RAX200 before 1.0.3.106, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, EX3700 before 1.0.0.90, MR60 before 1.0.6.110, R8000P before 1.4.1.66, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, EX3800 before 1.0.0.90, MS60 before 1.0.6.110, R7900P befor ... Show More
CVE-2021-45666	1 Netgear	30 Cbr40, Cbr40 Firmware, Eax80 and 27 more	2024-11-21	3.5 LOW	6.5 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX80 before 1.0.1.64, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, RBW30 before 2.6.1.4, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, and RBS40V before 2.6.1.4.
CVE-2021-45665	1 Netgear	30 Eax20, Eax20 Firmware, Eax80 and 27 more	2024-11-21	3.5 LOW	6.5 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, RBW30 before 2.6.1.4, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, and RBS40V before 2.6.1.4.
CVE-2021-45664	1 Netgear	2 R7000, R7000 Firmware	2024-11-21	3.5 LOW	5.6 MEDIUM
NETGEAR R7000 devices before 1.0.11.126 are affected by stored XSS.
CVE-2021-45663	1 Netgear	2 R7000, R7000 Firmware	2024-11-21	3.5 LOW	6.1 MEDIUM
NETGEAR R7000 devices before 1.0.11.126 are affected by stored XSS.
CVE-2021-45662	1 Netgear	2 R7000, R7000 Firmware	2024-11-21	3.5 LOW	6.1 MEDIUM
NETGEAR R7000 devices before 1.0.9.88 are affected by stored XSS.
CVE-2021-45639	1 Netgear	66 Cbr40, Cbr40 Firmware, Eax20 and 63 more	2024-11-21	4.3 MEDIUM	5.2 MEDIUM
Certain NETGEAR devices are affected by reflected XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.32, EAX80 before 1.0.1.62, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7000 before 1.0.1.104, EX7500 before 1.0.0.72, R7000 before 1.0.11.110, R7900 before 1.0.4.30, R7960P before 1.4.1.66, R8000 before 1.0.4.62, RAX200 before 1.0.2.102, XR300 before 1.0.3.50, EX3700 before 1.0.0.90, MR60 before 1.0.5.102, R7000P before 1.3.2.126, R8000P before 1.4.1.66, RAX20 before 1.0.1.64, RAX5 ... Show More
CVE-2021-45479	1 Yordam	1 Library Automation System	2024-11-21	N/A	5.4 MEDIUM
Improper Neutralization of Input During Web Page Generation vulnerability in Yordam Information Technologies Library Automation System allows Stored XSS.This issue affects Library Automation System: before 19.2.
CVE-2021-45476	1 Yordam	1 Library Automation System	2024-11-21	N/A	4.7 MEDIUM
Yordam Library Information Document Automation product before version 19.02 has an unauthenticated reflected XSS vulnerability.
CVE-2021-45474	2 Fedoraproject, Mediawiki	2 Fedora, Mediawiki	2024-11-21	4.3 MEDIUM	6.1 MEDIUM
In MediaWiki through 1.37, the Special:ImportFile URI (aka FileImporter) allows XSS, as demonstrated by the clientUrl parameter.
CVE-2021-45473	2 Fedoraproject, Mediawiki	2 Fedora, Mediawiki	2024-11-21	4.3 MEDIUM	6.1 MEDIUM
In MediaWiki through 1.37, Wikibase item descriptions allow XSS, which is triggered upon a visit to an action=info URL (aka a page-information sidebar).
CVE-2021-45472	2 Fedoraproject, Mediawiki	2 Fedora, Mediawiki	2024-11-21	4.3 MEDIUM	6.1 MEDIUM
In MediaWiki through 1.37, XSS can occur in Wikibase because an external identifier property can have a URL format that includes a $1 formatter substitution marker, and the javascript: URL scheme (among others) can be used.
CVE-2021-45425	1 Safarimontage	1 Safari Montage	2024-11-21	4.3 MEDIUM	6.1 MEDIUM
Reflected Cross Site Scripting (XSS) in SAFARI Montage versions 8.3 and 8.5 allows remote attackers to execute JavaScript codes.

Vulnerabilities (CVE)