About “Stored XSS”

A curated feed of “Stored XSS”-related CVEs appears below. We currently track 5376 CVEs for this tag (all time). In the last 365 days, 1195 were published. Average CVSS is 6.2 (all time; 6.4 over 365d), and 18% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), CWE-352 - Cross-Site Request Forgery (CSRF), CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS).

In our taxonomy this topic maps to a MODERATE impact class: the common exploitation patterns for this weakness lead to moderate impact. Use the filters below to sort by CVSS, risk and CWE, triage the high-risk entries first, and validate exposure in your environment. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic are listed below; filters apply to the whole list.

2020-02-24
Medium

CVE-2019-12513

In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, by sending a DHCP discover request containing a malicious hostname field, an attacker may execute stored XSS attacks against this device. When the mal…

Medium

CVE-2019-12512

In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, an attacker may execute stored XSS attacks against this device by supplying a malicious X-Forwarded-For header while performing an incorrect login att…

2020-02-21
Medium

CVE-2019-19865

Atos Unify OpenScape UC Application V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows XSS. An attacker could exploit this by convincing an authenticated user to inject arbitrary J…

2020-02-20
Medium

CVE-2020-9003

A stored XSS vulnerability exists in the Modula Image Gallery plugin before 2.2.5 for WordPress. Successful exploitation of this vulnerability would allow an authenticated low-privileged user to inje…

2020-02-17
Medium

CVE-2020-9028

Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow stored XSS via the newUserName parameter on the "User Creation, Deletion and Password Maintenan…

Medium

CVE-2020-9025

Iteris Vantage Velocity Field Unit 2.4.2 devices have multiple stored XSS issues in all parameters of the Start Data Viewer feature of the /cgi-bin/loaddata.py script.

2020-02-14
Medium

CVE-2019-13965

Because of a lack of sanitization around error messages, multiple Reflective XSS issues exist in iTop through 2.6.0 via the param_file parameter to webservices/export.php, webservices/cron.php, or en…

Medium

CVE-2020-8594

The Ninja Forms plugin 3.4.22 for WordPress has Multiple Stored XSS vulnerabilities via ninja_forms[recaptcha_site_key], ninja_forms[recaptcha_secret_key], ninja_forms[recaptcha_lang], or ninja_forms…

Medium

CVE-2013-4791

PrestaShop before 1.4.11 allows Logistician, translators and other low level profiles/accounts to inject a persistent XSS vector on TinyMCE.

2020-02-13
Medium

CVE-2012-1500

Stored XSS vulnerability in UpdateFieldJson.jspa in JIRA 4.4.3 and GreenHopper before 5.9.8 allows an attacker to inject arbitrary script code.

Medium

CVE-2020-7051

Codologic Codoforum through 4.8.4 allows stored XSS in the login area. This is relevant in conjunction with CVE-2020-5842 because session cookies lack the HttpOnly flag. The impact is account takeove…

Medium

CVE-2019-18791

Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and ot…

2020-02-12
Medium

CVE-2020-8839

Stored XSS was discovered on CHIYU BF-430 232/485 TCP/IP Converter devices before 1.16.00, as demonstrated by the /if.cgi TF_submask field.

2020-02-11
Medium

CVE-2019-18210

Persistent XSS in /course/modedit.php of Moodle through 3.7.2 allows authenticated users (Teacher and above) to inject JavaScript into the session of another user (e.g., enrolled student or site admi…

2020-02-10
Medium

CVE-2019-19670

An HTTP Response Splitting vulnerability was identified in the Web Settings Component of Web File Manager in Rumpus FTP Server 8.2.9.1. A successful exploit can result in stored XSS, website defacemen…

Medium

CVE-2020-8089

Piwigo 2.10.1 is affected by stored XSS via the Group Name Field to the group_list page.

Medium

CVE-2020-1697

It was found in all keycloak versions before 9.0.0 that links to external applications (Application Links) in the admin console are not validated properly and could allow Stored XSS attacks. An authe…

Medium

CVE-2020-8825

index.php?p=/dashboard/settings/branding in Vanilla 2.6.3 allows stored XSS.

Medium

CVE-2020-8822

Digi TransPort WR21 5.2.2.3, WR44 5.1.6.4, and WR44v2 5.1.6.9 devices allow stored XSS in the web application.

2020-02-07
Medium

CVE-2013-3635

ProjectPier 0.8.8 has stored XSS.

2020-02-03
Medium

CVE-2020-8549

Stored XSS in the Strong Testimonials plugin before 2.40.1 for WordPress can result in an attacker performing malicious actions such as stealing session tokens.

2020-01-30
Medium

CVE-2020-8496

In Kronos Web Time and Attendance (webTA) 4.1.x and later 4.x versions before 5.0, there is a Stored XSS vulnerability by setting the Application Banner input field of the /ApplicationBanner page as…

Medium

CVE-2020-8493

A stored XSS vulnerability in Kronos Web Time and Attendance (webTA) affects 3.8.x and later 3.x versions before 4.0 via multiple input fields (Login Message, Banner Message, and Password Instruction…

Medium

CVE-2020-7910

JetBrains TeamCity before 2019.2 was vulnerable to a stored XSS attack by a user with the developer role.

2020-01-29
Medium

CVE-2020-2106

Jenkins Code Coverage API Plugin 1.1.2 and earlier does not escape the filename of the coverage report used in its view, resulting in a stored XSS vulnerability exploitable by users able to change jo…

Medium

CVE-2013-0161

Havalite CMS 1.1.7 has a stored XSS vulnerability.

2020-01-28
Medium

CVE-2020-7934

In LifeRay Portal CE 7.1.0 through 7.2.1 GA2, the First Name, Middle Name, and Last Name fields for user accounts in MyAccountPortlet are all vulnerable to a persistent XSS issue. Any user can modify…

Medium

CVE-2019-15607

A stored XSS vulnerability is present within node-red (version: <= 0.20.7) npm package, which is a visual tool for wiring the Internet of Things. This issue will allow the attacker to steal session c…

2020-01-27
Medium

CVE-2020-8090

The Username field in the Storage Service settings of A1 WLAN Box ADB VV2220v2 devices allows stored XSS (after a successful Administrator login).

Medium

CVE-2019-8947

Zimbra Collaboration 8.7.x - 8.8.11P2 contains non-persistent XSS.

Medium

CVE-2019-8946

Zimbra Collaboration 8.7.x - 8.8.11P2 contains persistent XSS.

Medium

CVE-2019-8945

Zimbra Collaboration 8.7.x - 8.8.11P2 contains persistent XSS.

Medium

CVE-2019-15313

In Zimbra Collaboration before 8.8.15 Patch 1, there is a non-persistent XSS vulnerability.

Medium

CVE-2019-12427

Zimbra Collaboration before 8.8.15 Patch 1 is vulnerable to a non-persistent XSS via the Admin Console.

Medium

CVE-2019-11318

Zimbra Collaboration before 8.8.12 Patch 1 has persistent XSS.

2020-01-26
Medium

CVE-2020-3129

A vulnerability in the web-based management interface of Cisco Unity Connection Software could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack. The vulne…

2020-01-23
Medium

CVE-2019-16512

An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is stored XSS in the Appearance modifier.

Medium

CVE-2014-7238

The WordPress plugin Contact Form Integrated With Google Maps 1.0-2.4 has Stored XSS.

Medium

CVE-2020-5223

In PrivateBin versions 1.2.0 before 1.2.2, and 1.3.0 before 1.3.2, a persistent XSS attack is possible. Under certain conditions, a user provided attachment file name can inject HTML leading to a per…

2020-01-22
Medium

CVE-2020-7228

The Calculated Fields Form plugin through 1.0.353 for WordPress suffers from multiple Stored XSS vulnerabilities present in the input forms. These can be exploited by an authenticated user.

2020-01-19
Medium

CVE-2020-7234

Ruckus ZoneFlex R310 104.0.0.0.1347 devices allow Stored XSS via the SSID field on the Configuration > Radio 2.4G > Wireless X screen (after a successful login to the super account).

2020-01-17
Medium

CVE-2019-17127

A Stored Client Side Template Injection (CSTI) with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many application forms. An attacker can inject an Angular expression and esca…

Medium

CVE-2019-17125

A Reflected Client Side Template Injection (CSTI) with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many forms. An attacker can inject an Angular expression and escape the An…

Medium

CVE-2019-20003

Feldtech easescreen Crystal 9.0 Web-Services 9.0.1.16265 allows Stored XSS via the Debug-Log and Display-Log components. This could be exploited when an attacker sends a crafted string for FTP authe…

2020-01-16
Medium

CVE-2020-7106

Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the descrip…

2020-01-15
Medium

CVE-2019-19858

An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. admin/add_user/UID allows stored XSS via the author parameter.

Medium

CVE-2019-19856

An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. The User Type on the admin/list_user page allows stored XSS via the type parameter.

Medium

CVE-2019-19855

An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. admin/list_user allows stored XSS via the auth_type parameter.

2020-01-13
Medium

CVE-2019-20212

The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via the chat widget/page message form.

Medium

CVE-2019-20211

The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via Listing Address, Listing Latitude, Listing Longitude, Email Address,…

2020-01-08
Medium

CVE-2014-1454

Pearson eSIS (Enterprise Student Information System) message board has stored XSS due to improper validation of user input.

2020-01-07
Medium

CVE-2013-5638

Transcend WiFiSD 1.8 has persistent XSS.

Medium

CVE-2013-5637

PQI AirCard has persistent XSS.

2020-01-06
Medium

CVE-2020-5191

PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple Persistent XSS vulnerabilities.

2019-12-27
Medium

CVE-2016-1000029

Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would potentially impact other admins (Tenable IDs 5218 and 5269).

Medium

CVE-2016-1000028

Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would only potentially impact other admins. (Tenable ID 5198).

2019-12-26
Medium

CVE-2019-20008

In Archery before 1.3, inserting an XSS payload into a project name (either by creating a new project or editing an existing one) will result in stored XSS on the vulnerability-scan scheduling page.

Medium

CVE-2019-19542

The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS via the Good For field on the new listing submit page.

Medium

CVE-2019-19541

The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS via the Best Day/Night field on the new listing submit page.

2019-12-17
Medium

CVE-2019-16564

Jenkins Pipeline Aggregator View Plugin 1.8 and earlier does not escape information shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to affect view content su…

Medium

CVE-2019-16563

Jenkins Mission Control Plugin 0.9.16 and earlier does not escape job display names and build names shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to change…

Medium

CVE-2019-16562

Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the description of builds shown in its view, resulting in a stored XSS vulnerability exploitable by users able to change build descripti…

2019-12-04
Medium

CVE-2019-18347

A stored XSS issue was discovered in DAViCal through 1.1.8. It does not adequately sanitize output of various fields that can be set by unprivileged users, making it possible for JavaScript stored in…

2019-12-02
Medium

CVE-2019-19496

Alfresco Enterprise before 5.2.5 allows stored XSS via an uploaded HTML document.

2019-11-27
Low

CVE-2019-13936

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webclient of Siemens AG Polarion could allow an attacker to exploit a persistent XSS vulnerabilit…

2019-11-26
Medium

CVE-2019-19129

Afterlogic WebMail Pro 8.3.11, and WebMail in Afterlogic Aurora 8.3.11, allows Remote Stored XSS via an attachment name.

Medium

CVE-2019-19206

Dolibarr CRM/ERP 10.0.3 allows viewimage.php?file= Stored XSS due to JavaScript execution in an SVG image for a profile picture.

2019-11-18
Medium

CVE-2019-12311

Sandline Centraleyezer (On Premises) allows Unrestricted File Upload leading to Stored XSS. An HTML page running a script could be uploaded to the server. When a victim tries to download a CISO Repor…

Medium

CVE-2019-12299

Sandline Centraleyezer (On Premises) allows Stored XSS using HTML entities in the name field of the Category section.

2019-11-15
Medium

CVE-2019-14343

TemaTres 3.0 has stored XSS via the value parameter to the vocab/admin.php?vocabulario_id=list URI.

2019-11-14
Medium

CVE-2019-18649

When logged in as an admin user, the Title input field (under Reports) within Untangle NG firewall 14.2.0 is vulnerable to stored XSS.

2019-11-13
Medium

CVE-2014-3592

OpenShift Origin: improperly validated team names could allow stored XSS attacks.

Medium

CVE-2012-4384

letodms has multiple XSS issues: Reflected XSS in the Login Page, Stored XSS in Document Owner/User name, and Stored XSS in Calendar.

Critical

CVE-2019-18839

FUDForum 3.0.9 is vulnerable to Stored XSS via the nlogin parameter. This may result in remote code execution. An attacker can use a user account to fully compromise the system using a POST request.…

2019-11-12
Medium

CVE-2019-17236

includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress is vulnerable to stored XSS.

Medium

CVE-2019-18882

WSO2 IS as Key Manager 5.7.0 allows stored XSS in download-userinfo.jag because Content-Type is mishandled.

Critical

CVE-2019-18873

FUDForum 3.0.9 is vulnerable to Stored XSS via the User-Agent HTTP header. This may result in remote code execution. An attacker can use a user account to fully compromise the system via a GET reques…

2019-11-07
Medium

CVE-2019-18816

po-admin/route.php?mod=post&act=edit in PopojiCMS 2.0.1 allows post[1][content]= stored XSS.

Medium

CVE-2019-17222

An issue was discovered on Intelbras WRN 150 1.0.17 devices. There is stored XSS in the Service Name tab of the WAN configuration screen, leading to a denial of service (inability to change the confi…

2019-11-06
Medium

CVE-2009-5048

Cookie Dump Servlet stored XSS vulnerability in Jetty through 6.1.20.

2019-10-31
Medium

CVE-2019-16295

Stored XSS in filemanager2.php in CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.885 exists via the cmd_arg parameter. This can be exploited by a local attacker who supplies a crafted filename…

Medium

CVE-2019-17551

In Apak Wholesale Floorplanning Finance 6.31.8.3 and 6.31.8.5, an attacker can send an authenticated POST request with a malicious payload to /WFS/agreementView.faces allowing a stored XSS via the ma…

2019-10-29
Medium

CVE-2019-9758

An issue was discovered in LabKey Server 19.1.0. The display name of a user is vulnerable to stored XSS that can execute on administrators from security/permissions.view, security/addUsers.view, or w…

2019-10-28
Medium

CVE-2019-14928

An issue was discovered on Mitsubishi Electric Europe B.V. ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. A number of stored cross-site script (XSS) vulnerabilities allow an attacke…

2019-10-25
Medium

CVE-2019-18221

CoreHR Core Portal before 27.0.7 allows stored XSS.

2019-10-24
High

CVE-2019-12095

Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 and other products, allows CSRF, as demonstrated by the treanBookmarkTags parameter to the trean/ URI on a webmail server. NOTE:…

2019-10-23
Medium

CVE-2019-17606

The Post editor functionality in the hexo-admin plugin versions 2.3.0 and earlier for Node.js is vulnerable to stored XSS via the content of a post.

2019-10-21
Medium

CVE-2019-18203

On the RICOH MP 501 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn and KeyDisplay parameter to /web/entry/en/address/a…

Medium

CVE-2019-10715

There is Stored XSS in Verodin Director 3.5.3.0 and earlier via input fields of certain tooltips, and on the Tags, Sequences, and Actors pages.

2019-10-17
Medium

CVE-2019-17674

WordPress before 5.2.4 is vulnerable to stored XSS (cross-site scripting) via the Customizer.

Medium

CVE-2019-17672

WordPress before 5.2.4 is vulnerable to a stored XSS attack to inject JavaScript into STYLE elements.

2019-10-16
Medium

CVE-2019-16523

The events-manager plugin through 5.9.5 for WordPress (aka Events Manager) is susceptible to Stored XSS due to improper encoding and insertion of data provided to the attribute map_style of shortcode…

Medium

CVE-2019-16522

The eu-cookie-law plugin through 3.0.6 for WordPress (aka EU Cookie Law (GDPR)) is susceptible to Stored XSS due to improper encoding of several configuration options in the admin area and the displa…

Medium

CVE-2019-17630

CMS Made Simple (CMSMS) 2.2.11 allows stored XSS by an admin via a crafted image filename on the "News > Add Article" screen.

Medium

CVE-2019-17629

CMS Made Simple (CMSMS) 2.2.11 allows stored XSS by an admin via a crafted image filename on the "file manager > upload images" screen.

Medium

CVE-2019-16520

The all-in-one-seo-pack plugin before 3.2.7 for WordPress (aka All in One SEO Pack) is susceptible to Stored XSS due to improper encoding of the SEO-specific description for posts provided by the plu…

Critical

CVE-2019-17625

There is a stored XSS in Rambox 0.6.9 that can lead to code execution. The XSS is in the name field while adding/editing a service. The problem occurs due to incorrect sanitization of the name field…

2019-10-12
Medium

CVE-2019-17522

A stored XSS vulnerability was discovered in Hotaru CMS v1.7.2 via the admin_index.php?page=settings SITE NAME field (aka SITE_NAME), a related issue to CVE-2011-4709.1.

2019-10-11
Medium

CVE-2019-17496

Craft CMS before 3.3.8 has stored XSS via a name field. This field is mishandled during site deletion.

2019-10-10
Medium

CVE-2019-17427

In Redmine before 3.4.11 and 4.0.x before 4.0.4, persistent XSS exists due to textile formatting errors.

2019-10-09
Medium

CVE-2019-17379

cPanel before 82.0.15 allows self stored XSS in the WHM SSL Storage Manager interface (SEC-527).

2019-10-08
Medium

CVE-2019-17108

Local file inclusion in brokerPerformance.php in Centreon Web before 2.8.28 allows attackers to disclose information or perform a stored XSS attack on a user.

2019-10-07
Medium

CVE-2019-17239

includes/settings/class-alg-download-plugins-settings.php in the download-plugins-dashboard plugin through 1.5.0 for WordPress has multiple unauthenticated stored XSS issues.

2019-10-06
Medium

CVE-2019-17213

The WebARX plugin 1.3.0 for WordPress has unauthenticated stored XSS via the URI or the X-Forwarded-For HTTP header.

2019-10-05
Medium

CVE-2019-17205

TeamPass 2.1.27.36 allows Stored XSS by placing a payload in the username field during a login attempt. When an administrator looks at the log of failed logins, the XSS payload will be executed.

Medium

CVE-2019-17204

TeamPass 2.1.27.36 allows Stored XSS by setting a crafted Knowledge Base label and adding any available item.

Medium

CVE-2019-17203

TeamPass 2.1.27.36 allows Stored XSS at the Search page by setting a crafted password for an item in any folder.

2019-10-04
Medium

CVE-2019-11656

Stored XSS vulnerability in Micro Focus ArcSight Logger, affects versions prior to Logger 6.7.1 HotFix 6.7.1.8262.0. This vulnerability could allow Improper Neutralization of Input During Web Page Ge…

2019-10-03
Medium

CVE-2019-16931

A stored XSS vulnerability in the Visualizer plugin 3.3.0 for WordPress allows an unauthenticated attacker to execute arbitrary JavaScript when an admin or other privileged user edits the chart via t…

2019-10-02
Medium

CVE-2019-16171

In JetBrains YouTrack through 2019.2.56594, stored XSS was found on the issue page.

2019-10-01
Medium

CVE-2019-8289

Online Store v1.0 has stored XSS via the adidas_member_email variable in admin/user_view.php.

Medium

CVE-2019-8288

Online Store v1.0 has Stored XSS in user_view.php, where the adidas_member_user variable is not sanitized.

Medium

CVE-2019-17074

An issue was discovered in XunRuiCMS 4.3.1. There is a stored XSS in the module_category area.

2019-09-30
Medium

CVE-2019-17045

Ilch 2.1.22 allows stored XSS via the title, text, or email id to the Jobs Tab.

2019-09-27
Medium

CVE-2019-16688

Dolibarr 9.0.5 has stored XSS in an Email Template section to mails_templates.php. A user with no privileges can inject script to attack the admin. (This stored XSS can affect all types of user privi…

Medium

CVE-2019-16687

Dolibarr 9.0.5 has stored XSS in a User Profile in a Signature section to card.php. A user with the "Create/modify other users, groups and permissions" privilege can inject script and can also achiev…

Medium

CVE-2019-16686

Dolibarr 9.0.5 has stored XSS in a User Note section to note.php. A user with no privileges can inject script to attack the admin.

Medium

CVE-2019-16685

Dolibarr 9.0.5 has stored XSS vulnerability via a User Group Description section to card.php. A user with the "Create/modify other users, groups and permissions" privilege can inject script and can a…

Medium

CVE-2019-13376

phpBB version 3.2.7 allows the stealing of an Administration Control Panel session id by leveraging CSRF in the Remote Avatar feature. The CSRF Token Hijacking leads to stored XSS.

2019-09-26
Medium

CVE-2019-16524

The easy-fancybox plugin before 1.8.18 for WordPress (aka Easy FancyBox) is susceptible to Stored XSS in the Settings Menu inc/class-easyfancybox.php due to improper encoding of arbitrarily submitted…