CVE-2018-13832

Multiple Persistent cross-site scripting XSS issues in the Techotronic all-in-one-favicon aka All In One Favicon plugin 4.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via Apple-Text, GIF-Text, ICO-Text, PNG-Text, or JPG-Text...

Cross site scripting

Cross-site scripting XSS vulnerability in TOPdesk before 8.05.017 June 2018 version and before 5.7.SR9 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...

CVE-2018-10231

Cross-site scripting XSS vulnerability in TOPdesk before 8.05.017 June 2018 version and before 5.7.SR9 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...

CVE-2017-16710

Cross-site scripting XSS vulnerability in Crestron Airmedia AM-100 devices with firmware before 1.6.0 and AM-101 devices with firmware before 2.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 83815...

CVE-2013-0592

Cross-site scripting XSS vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 83815...

Cross site scripting

Cross-site scripting XSS vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 84115...

CVE-2018-11124

Cross-site scripting XSS vulnerability in Attributes functionality in Open-AudIT Community edition before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted attribute name of an Attribute...

Cross site scripting

Cross-site scripting XSS vulnerability in mail compose in Open-Xchange OX App Suite before 7.6.3-rev31, 7.8.x before 7.8.2-rev31, 7.8.3 before 7.8.3-rev41, and 7.8.4 before 7.8.4-rev28 allows remote attackers to inject arbitrary web script or HTML via the data-target attribute in an HTML page wit...

CVE-2018-8928

Cross-site scripting XSS vulnerability in Address Book Editor in Synology CardDAV Server before 6.0.8-0086 allows remote authenticated users to inject arbitrary web script or HTML via the 1 familyname, 2 givenname, or 3 additionalname parameter...

Cross site scripting

An issue was discovered in Zoho ManageEngine EventLog Analyzer 11.12. A Cross-Site Scripting vulnerability allows a remote attacker to inject arbitrary web script or HTML via the search functionality the search box of the Dashboard...

CyberArk Endpoint Privilege Manager Cross-Site Scripting Vulnerability

CyberArk Endpoint Privilege Manager formerly Viewfinity is a privilege management software from CyberArk Software. The software includes features such as privilege management, application control, and credential loss protection. A cross-site scripting vulnerability exists in CyberArk Endpoint...

CVE-2018-1000528

GONICUS GOsa version before commit 56070d6289d47ba3f5918885954dcceb75606001 contains a Cross Site Scripting XSS vulnerability in change password form html/password.php, 308 that can result in injection of arbitrary web script or HTML. This attack appear to be exploitable via the victim must open ...

CVE-2018-0603

Cross-site scripting vulnerability in Site Reviews versions prior to 2.15.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Reflected cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML in 'System settings' via unspecified vectors...

Cross site scripting

Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2018-0527

Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2018-0602

Cross-site scripting vulnerability in Email Subscribers & Newsletters versions prior to 3.5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2018-0605

Cross-site scripting vulnerability in Pixelpost v1.7.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2018-0603

Cross-site scripting vulnerability in Site Reviews versions prior to 2.15.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...