CVE-2013-0203

Multiple cross-site scripting XSS vulnerabilities in ownCloud 4.5.5, 4.0.10, and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 unspecified parameters to apps/calendar/ajax/event/new.php or 2 url parameter to apps/bookmarks/ajax/addBookmark.php...

CVE-2013-6878

Cross-site scripting XSS vulnerability in the Mijosoft MijoSearch component 2.0.4 and earlier for Joomla! allows remote attackers to inject arbitrary web script or HTML via the query parameter to component/mijosearch/search...

CVE-2015-2793

Cross-site scripting XSS vulnerability in templates/openid-selector.tmpl in ikiwiki before 3.20150329 allows remote attackers to inject arbitrary web script or HTML via the openididentifier parameter in a verify action to ikiwiki.cgi...

CVE-2015-2793

Cross-site scripting XSS vulnerability in templates/openid-selector.tmpl in ikiwiki before 3.20150329 allows remote attackers to inject arbitrary web script or HTML via the openididentifier parameter in a verify action to ikiwiki.cgi...

Cross site scripting

Cross-site Scripting XSS in Dolibarr ERP/CRM 3.3.1 allows remote attackers to inject arbitrary web script or HTML in functions.lib.php...

CVE-2011-4455

Multiple cross-site scripting vulnerabilities in Tiki 7.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the path info to 1 tiki-adminsystem.php, 2 tiki-pagehistory.php, 3 tiki-removepage.php, or 4 tiki-renamepage.php...

Cross site scripting

Multiple cross-site scripting vulnerabilities in Tiki 7.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the path info to 1 tiki-adminsystem.php, 2 tiki-pagehistory.php, 3 tiki-removepage.php, or 4 tiki-renamepage.php...

CVE-2011-4455

Multiple cross-site scripting vulnerabilities in Tiki 7.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the path info to 1 tiki-adminsystem.php, 2 tiki-pagehistory.php, 3 tiki-removepage.php, or 4 tiki-renamepage.php...

CVE-2013-0195

Cross-site Scripting XSS in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0193 and CVE-2013-0194...

CVE-2013-0195

Cross-site Scripting XSS in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0193 and CVE-2013-0194...

CVE-2013-0194

Cross-site Scripting XSS in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0193 and CVE-2013-0195...

CVE-2012-4441

Cross-site Scripting XSS in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the CI game plugin...

CVE-2012-4441

Cross-site Scripting XSS in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the CI game plugin...

Cross site scripting

A persistent cross-site scripting XSS vulnerability in Octopus Server 3.4.0 through 2019.10.5 allows remote authenticated attackers to inject arbitrary web script or HTML...

CVE-2012-2237

Multiple cross-site scripting XSS vulnerabilities in Mahara 1.4.x before 1.4.3 and 1.5.x before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 javascript innerHTML as used when generating login forms, 2 links or 3 resources URLs, and 4 the Display nam...

CVE-2019-17524

An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows remote attackers to inject arbitrary web script via the "Connected Clients" field to /wlanAccess.asp. An intranet host can use a crafted hostname to exploit this...

CVE-2013-1426

Cross-site Scripting XSS in Mahara before 1.5.9 and 1.6.x before 1.6.4 allows remote attackers to inject arbitrary web script or HTML via the TinyMCE editor...

CVE-2011-4626

Cross-site Scripting XSS in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the "JSwindow" property of the typolink function...

CVE-2011-4631

Cross-site Scripting XSS in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the system extension recycler...

CVE-2011-4632

Cross-site Scripting XSS in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the tcemain flash message...