CVE-2022-2510 — CVSS 4.3 (medium): Cross-site Scripting (XSS) vulnerability in "Extension:ExtendedSearch" of Hallo Welt! GmbH BlueSpice allows attacker to inject arbitrary…
CVE-2022-2511 — CVSS 4.3 (medium): Cross-site Scripting (XSS) vulnerability in the "commonuserinterface" component of BlueSpice allows an attacker to inject arbitrary HTML…
CVE-2022-3895 — CVSS 4.0 (medium): Some UI elements of the Common User Interface Component are not properly sanitizing output and therefore prone to output arbitrary HTML…
CVE-2022-3958 — CVSS 3.3 (low): Cross-site Scripting (XSS) vulnerability in BlueSpiceUserSidebar extension of BlueSpice allows user with regular account and edit…
CVE-2022-42000 — CVSS 3.3 (low): Cross-site Scripting (XSS) vulnerability in BlueSpiceSocialProfile extension of BlueSpice allows user with comment permissions to inject…
CVE-2022-42001 — CVSS 3.3 (low): Cross-site Scripting (XSS) vulnerability in BlueSpiceBookshelf extension of BlueSpice allows user with regular account and edit permissions…
CVE-2022-41789 — CVSS 3.3 (low): Cross-site Scripting (XSS) vulnerability in BlueSpiceDiscovery skin of BlueSpice allows logged in user with edit permissions to inject…
CVE-2022-41814 — CVSS 3.3 (low): Cross-site Scripting (XSS) vulnerability in BlueSpiceFoundation extension of BlueSpice allows user with regular account and edit…
CVE-2022-3893 — CVSS 2.3 (low): Cross-site Scripting (XSS) vulnerability in BlueSpiceCustomMenu extension of BlueSpice allows user with admin permissions to inject…
CVE-2022-41611 — CVSS 2.3 (low): Cross-site Scripting (XSS) vulnerability in BlueSpiceDiscovery skin of BlueSpice allows user with admin privileges to inject arbitrary HTML…
CVE-2023-42431 — CVSS 2.1 (low): Cross-site Scripting (XSS) vulnerability in BlueSpiceAvatars extension of BlueSpice allows logged in user to inject arbitrary HTML into the…