CVE-2023-45073
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Michael Koch Mendeley Plugin plugin <=Â 1.3.2 versions.
Source: CVE-2023-45073
CVE-2023-45073
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Michael Koch Mendeley Plugin plugin <=Â 1.3.2 versions.
Source: CVE-2023-45073
CVE-2023-45072
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kardi Order auto complete for WooCommerce plugin <=Â 1.2.0 versions.
Source: CVE-2023-45072
CVE-2023-46007
Sourcecodester Best Courier Management System 1.0 is vulnerable to SQL Injection via the parameter id in /edit_staff.php.
Source: CVE-2023-46007
CVE-2023-45608
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Nicola Modugno Smart Cookie Kit plugin <=Â 2.3.1 versions.
Source: CVE-2023-45608
CVE-2023-45065
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit plugin <=Â 1.42 versions.
Source: CVE-2023-45065
CVE-2023-31217
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in MyTechTalky User Location and IP plugin <=Â 1.6 versions.
Source: CVE-2023-31217
CVE-2023-32089
Pega Platform versions 8.1 to 8.8.2 are affected by an XSS issue with Pin description
Source: CVE-2023-32089
CVE-2023-32088
Pega Platform versions 8.1 to Infinity 23.1.0 are affected by an XSS issue with ad-hoc case creation
Source: CVE-2023-32088
CVE-2023-32087
Pega Platform versions 8.1 to Infinity 23.1.0 are affected by an XSS issue with task creation
Source: CVE-2023-32087
CVE-2023-45727
Proself Enterprise/Standard Edition Ver5.62 and earlier, Proself Gateway Edition Ver1.65 and earlier, and Proself Mail Sanitize Edition Ver1.08 and earlier allow a remote unauthenticated attacker to conduct XML External Entity (XXE) attacks. By processing a specially crafted request containing malformed XML data, arbitrary files on the server containing account information may be read by the attacker.
Source: CVE-2023-45727