Total
37538 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-3977 | 1 Invoiceninja | 1 Invoice Ninja | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| invoiceninja is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-3961 | 1 Snipeitapp | 1 Snipe-it | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-3950 | 1 Django-helpdesk Project | 1 Django-helpdesk | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| django-helpdesk is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-3945 | 1 Django-helpdesk Project | 1 Django-helpdesk | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| django-helpdesk is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-3938 | 1 Snipeitapp | 1 Snipe-it | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-3920 | 1 Getgrav | 1 Grav-plugin-admin | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| grav-plugin-admin is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-3914 | 1 Redhat | 3 Build Of Quarkus, Openshift Application Runtimes, Smallrye Health | 2024-11-21 | N/A | 6.1 MEDIUM |
| It was found that the smallrye health metrics UI component did not properly sanitize some user inputs. An attacker could use this flaw to conduct cross-site scripting attacks. | |||||
| CVE-2021-3904 | 1 Getgrav | 1 Grav | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| grav is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-3879 | 1 Snipeitapp | 1 Snipe-it | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-3866 | 1 Zulip | 1 Zulip | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository zulip/zulip more than and including 44f935695d452cc3fb16845a0c6af710438b153d and prior to 3eb2791c3e9695f7d37ffe84e0c2184fae665cb6. | |||||
| CVE-2021-3863 | 1 Snipeitapp | 1 Snipe-it | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-3862 | 1 Icecoder | 1 Icecoder | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| icecoder is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-3857 | 1 Chaskiq | 1 Chaskiq | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| chaskiq is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-3853 | 1 Chaskiq | 1 Chaskiq | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| chaskiq is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-3834 | 1 Artica | 1 Integria Ims | 2024-11-21 | 4.3 MEDIUM | 5.4 MEDIUM |
| Integria IMS in its 5.0.92 version does not filter correctly some fields related to the login.php file. An attacker could exploit this vulnerability in order to perform a cross-site scripting attack (XSS). | |||||
| CVE-2021-3831 | 1 Gnuboard | 1 Gnuboard5 | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| gnuboard5 is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-3830 | 1 Btcpayserver | 1 Btcpay Server | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-3824 | 1 Openvpn | 1 Openvpn Access Server | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| OpenVPN Access Server 2.9.0 through 2.9.4 allow remote attackers to inject arbitrary web script or HTML via the web login page URL. | |||||
| CVE-2021-3816 | 1 Cacti | 1 Cacti | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary HTML in the group_prefix field during the creation of a new group via "Copy" method at user_group_admin.php. | |||||
| CVE-2021-3812 | 1 Pi-hole | 1 Web Interface | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| adminlte is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||