Security Risk Category
xss Security Risks
Published vulnerability pages connected to xss. One risk can appear in multiple categories while keeping one canonical page.
xss risks
Showing 3 of 3 published risks.
Dynamics 365 Customer Voice Cross-Site Scripting Spoofing Vulnerability
Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Customer Voice allows an unauthorized attacker to perform spoofing over a network.
Updated Jul 10, 2026
WP Cost Estimation & Payment Forms Builder Stored XSS Vulnerability
The WP Cost Estimation & Payment Forms Builder (E&P Forms) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'customerInfos' parameter in all versions up to, and including, 10.5.97 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Updated Jul 10, 2026
OKRs & Goals Stored Cross-Site Scripting Vulnerability
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Twiser Informatics Technology Consulting, Trade and Education Inc. OKRs & Goals allows Stored XSS. This issue affects OKRs & Goals: from 28220 before 28398.
Updated Jul 10, 2026
