CVE-2016-9261

Cross-site scripting XSS vulnerability in Tenable Log Correlation Engine aka LCE before 4.8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

CVE-2016-9261

Cross-site scripting XSS vulnerability in Tenable Log Correlation Engine aka LCE before 4.8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

CVE-2017-6099

Cross-site scripting XSS vulnerability in GetAuthDetails.html.php in PayPal PHP Merchant SDK aka merchant-sdk-php 3.9.1 allows remote attackers to inject arbitrary web script or HTML via the token parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in managecustomfieldeditpage.php in MantisBT 1.2.19 and earlier allows remote attackers to inject arbitrary web script or HTML via the return parameter...

CVE-2016-5364

Cross-site scripting XSS vulnerability in managecustomfieldeditpage.php in MantisBT 1.2.19 and earlier allows remote attackers to inject arbitrary web script or HTML via the return parameter...

CVE-2014-9905

Multiple cross-site scripting XSS vulnerabilities in the Web Calendar in SOGo before 2.2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 title of an appointment or 2 contact fields...

CVE-2014-9905

Multiple cross-site scripting XSS vulnerabilities in the Web Calendar in SOGo before 2.2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 title of an appointment or 2 contact fields...

Cross site scripting

Cross-site scripting XSS vulnerability in WSO2 SOA Enablement Server for Java/6.6 build SSJ-6.6-20090827-1616 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

CVE-2014-9760

Cross-site scripting XSS vulnerability in the displayLogin function in html/index.php in GOsa allows remote attackers to inject arbitrary web script or HTML via the username...

CVE-2016-4988

Cross-site scripting XSS vulnerability in the Build Failure Analyzer plugin before 1.16.0 in Jenkins allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter...

CVE-2016-3101

Cross-site scripting XSS vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips through the configured markup formatter...

CVE-2015-8831

Cross-site scripting XSS vulnerability in admin/comments.php in Dotclear before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the author name in a comment...

CVE-2016-3101

Cross-site scripting XSS vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips through the configured markup formatter...

Cross site scripting

Cross-site scripting XSS vulnerability in Tenable Nessus before 6.9 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to handling of .nessus files...

Cross site scripting

Cross-site scripting XSS vulnerability in the error handler in MyBB aka MyBulletinBoard before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via vectors involving Mod control panel logs...

Cross site scripting

Cross-site scripting XSS vulnerability in wp-admin/includes/class-wp-posts-list-table.php in the posts list table in WordPress before 4.7.2 allows remote attackers to inject arbitrary web script or HTML via a crafted excerpt...

CVE-2017-5612

Cross-site scripting XSS vulnerability in wp-admin/includes/class-wp-posts-list-table.php in the posts list table in WordPress before 4.7.2 allows remote attackers to inject arbitrary web script or HTML via a crafted excerpt...

CVE-2017-5608

Cross-site scripting XSS vulnerability in the image upload function in Piwigo before 2.8.6 allows remote attackers to inject arbitrary web script or HTML via a crafted image filename...

CVE-2016-4056

Cross-site scripting XSS vulnerability in the Backend component in TYPO3 6.2.x before 6.2.19 allows remote attackers to inject arbitrary web script or HTML via the module parameter when creating a bookmark...