6892 matches found
Cross site scripting
Cross-site Scripting XSS in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the browselinks wizard...
CVE-2011-4903
Cross-site Scripting XSS in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the RemoveXSS function...
CVE-2013-1932
A cross-site scripting XSS vulnerability in the configuration report page admconfigreport.php in MantisBT 1.2.13 allows remote authenticated users to inject arbitrary web script or HTML via a project name...
Cross site scripting
A cross-site scripting XSS vulnerability in the configuration report page admconfigreport.php in MantisBT 1.2.0rc1 before 1.2.14 allows remote authenticated users to inject arbitrary web script or HTML via a complex value...
Cross site scripting
A cross-site scripting XSS vulnerability in the configuration report page admconfigreport.php in MantisBT 1.2.13 allows remote authenticated users to inject arbitrary web script or HTML via a project name...
CVE-2010-1673
A cross-site scripting XSS vulnerability in ikiwiki before 3.20101112 allows remote attackers to inject arbitrary web script or HTML via a comment...
CVE-2018-18678
GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board group extra contents" parameter, aka the adm/boardgroupformupdate.php gr110 parameter...
Design/Logic Flaw
GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board group extra contents" parameter, aka the adm/boardgroupformupdate.php gr110 parameter...
CVE-2018-18678
GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board group extra contents" parameter, aka the adm/boardgroupformupdate.php gr110 parameter...
Cross site scripting
A cross-site scripting XSS vulnerability in index.php in ClonOS WEB control panel 19.09 allows remote attackers to inject arbitrary web script or HTML via the lang parameter...
CVE-2019-18419
A cross-site scripting XSS vulnerability in index.php in ClonOS WEB control panel 19.09 allows remote attackers to inject arbitrary web script or HTML via the lang parameter...
Cross site scripting
A stored and reflected cross-site scripting XSS vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allow remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/groups.jsp. The groupName parameter is vulnerable: the reflected cross-site scripting occurs immediately...
CVE-2019-17660
A cross-site scripting XSS vulnerability in admin/translate/translateheaderview.php in LimeSurvey 3.19.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the tolang parameter, as demonstrated by the index.php/admin/translate/sa/index/surveyid/336819/lang/ PATHINFO...
Cisco Unified Intelligence Center (CUIC) Software Cross-Site Scripting Vulnerability
Cross-site scripting XSS vulnerability in Cisco Unified Intelligence Center CUIC 8.5.4 through 9.11, as used in Unified Contact Center Express 10.01 through 11.01, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCuy75020 and CSCuy81652. C Tenable...
CVE-2019-15750
A Cross-Site Scripting XSS vulnerability in the blog function in SITOS six Build v6.2.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter...
Cross site scripting
A Cross-Site Scripting XSS vulnerability in the blog function in SITOS six Build v6.2.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter...
CVE-2019-15750
A Cross-Site Scripting XSS vulnerability in the blog function in SITOS six Build v6.2.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter...
CVE-2008-1131
Cross-site scripting XSS vulnerability in Drupal 6.0 allows remote authenticated users to inject arbitrary web script or HTML via titles in content edit forms...
CVE-2019-16307
A Reflected Cross-Site Scripting XSS vulnerability in the webEx module in webExMeetingLogin.jsp and deleteWebExMeetingCheck.jsp in Fuji Xerox DocuShare through 7.0.0.C1.609 allows remote attackers to inject arbitrary web script or HTML via the handle parameter webExMeetingLogin.jsp and meetingKey...
CVE-2019-5975
DOM-based cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.10.2 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...