Latest CVE Feed
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of
the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable.
You can also sort the list based on the published date, last updated date, or CVSS score.
-
8.5
HIGHCVE-2025-54300
A stored XSS vulnerability in Quantum Manager component 1.0.0-3.2.0 for Joomla was discovered. The SVG upload feature does not sanitize uploads.... Read more
Affected Products :- Published: Aug. 25, 2025
- Modified: Aug. 25, 2025
- Vuln Type: Cross-Site Scripting
-
8.5
HIGHCVE-2025-54301
A stored XSS vulnerability in Quantum Manager component 1.0.0-3.2.0 for Joomla was discovered. File names are not properly escaped.... Read more
Affected Products :- Published: Aug. 25, 2025
- Modified: Aug. 25, 2025
- Vuln Type: Cross-Site Scripting
-
6.7
MEDIUMCVE-2025-55301
The Scratch Channel is a news website. In version 1, it is possible to go to application in devtools and click local storage to edit the account's username locally. This issue has been patched in version 1.1.... Read more
Affected Products :- Published: Aug. 25, 2025
- Modified: Aug. 25, 2025
- Vuln Type: Authentication
-
8.5
HIGHCVE-2025-3478
A Stored Cross-Site Scripting (XSS) vulnerability has been identified in OpenText Enterprise Security Manager. The vulnerability could be remotely exploited.... Read more
Affected Products :- Published: Aug. 25, 2025
- Modified: Aug. 25, 2025
- Vuln Type: Cross-Site Scripting