XWiki Rendering is a generic Rendering system that converts textual input in a given syntax int…

An improper input neutralization vulnerability in the management web interface of the Palo Alto…

Cross-site scripting (XSS) vulnerability in Invoice Edit Page in Bitrix24 22.0.300 allows atta…

XWiki Platform is a generic wiki platform. Prior to version 14.6-rc-1, HTML rendering didn't ch…

GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management…

A logic error when using mb_strpos() to check for potential XSS payload in Bitrix24 22.0.300 a…

Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, does not neutralize or inco…

A security defect was identified in Foundry Frontend that enabled users to potentially conduct …

An improper input neutralization vulnerability in the management web interface of the Palo Alto…

An improper input neutralization vulnerability in the management web interface of the Palo Alto…

In GNOME Shell through 45.7, a portal helper can be launched automatically (without user confir…

An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI…

Saleor is an e-commerce platform. Starting in version 3.0.0 and prior to versions 3.20.108, 3.2…

Improper Neutralization of Script in Attributes in a Web Page vulnerability in Forcepoint Email…

OpenClaw before 2026.5.12 contains a cross-site scripting vulnerability in exported session HTM…

Nuxt is an open-source web development framework for Vue.js. From versions 3.4.3 to before 3.21…

CVAT is an open source interactive video and image annotation tool for computer vision. In vers…

Concrete CMS 9.5.0 and below is vulnerable to Reflected XSS in Legacy Pagination via HTML attri…