CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-23632 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rhizome Networks CG Button allows Reflected XSS. This issue affects CG Button: from n/a through 1.0.5.6.
CVSS: HIGH (7.1) EPSS Score: 0.04%
March 26th, 2025 (3 months ago)
|
|
CVE-2025-23612 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Pixobe Cartography allows Reflected XSS. This issue affects Pixobe Cartography: from n/a through 1.0.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
March 26th, 2025 (3 months ago)
|
|
CVE-2025-23546 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound RDP inGroups+ allows Reflected XSS. This issue affects RDP inGroups+: from n/a through 1.0.6.
CVSS: HIGH (7.1) EPSS Score: 0.04%
March 26th, 2025 (3 months ago)
|
|
CVE-2025-23543 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound FOMO Pay Chinese Payment Solution allows Reflected XSS. This issue affects FOMO Pay Chinese Payment Solution: from n/a through 2.0.4.
CVSS: HIGH (7.1) EPSS Score: 0.04%
March 26th, 2025 (3 months ago)
|
|
CVE-2025-23542 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Robert D Payne RDP Linkedin Login allows Reflected XSS. This issue affects RDP Linkedin Login: from n/a through 1.7.0.
CVSS: HIGH (7.1) EPSS Score: 0.04%
March 26th, 2025 (3 months ago)
|
|
CVE-2025-23466 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpsiteeditor Site Editor Google Map allows Reflected XSS. This issue affects Site Editor Google Map: from n/a through 1.0.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
March 26th, 2025 (3 months ago)
|
|
CVE-2025-23460 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound RWS Enquiry And Lead Follow-up allows Reflected XSS. This issue affects RWS Enquiry And Lead Follow-up: from n/a through 1.0.
CVSS: HIGH (7.1) EPSS Score: 0.04%
March 26th, 2025 (3 months ago)
|
|
CVE-2025-23459 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound NS Simple Intro Loader allows Reflected XSS. This issue affects NS Simple Intro Loader: from n/a through 2.2.3.
CVSS: HIGH (7.1) EPSS Score: 0.04%
March 26th, 2025 (3 months ago)
|
|
CVE-2025-22283 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Riyaz GetSocial allows Reflected XSS. This issue affects GetSocial: from n/a through 2.0.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
March 26th, 2025 (3 months ago)
|
|
CVE-2024-28872 |
Description: The TLS certificate validation code is flawed. An attacker can obtain a TLS certificate from the Stork server and use it to connect to the Stork agent. Once this connection is established with the valid certificate, the attacker can send malicious commands to a monitored service (Kea or BIND 9), possibly resulting in confidential data loss and/or denial of service. It should be noted that this vulnerability is not related to BIND 9 or Kea directly, and only customers using the Stork management tool are potentially affected.
This issue affects Stork versions 0.15.0 through 1.15.0.
CVSS: HIGH (8.9) EPSS Score: 0.1% SSVC Exploitation: none
March 26th, 2025 (3 months ago)
|