CVE-2016-0029

Cross-site scripting XSS vulnerability in Outlook Web Access OWA in Microsoft Exchange Server 2016 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Exchange Spoofing Vulnerability," a different vulnerability than CVE-2016-0031...

CVE-2016-0031

Cross-site scripting XSS vulnerability in Outlook Web Access OWA in Microsoft Exchange Server 2016 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Exchange Spoofing Vulnerability," a different vulnerability than CVE-2016-0029...

CVE-2015-7706

Multiple cross-site scripting XSS vulnerabilities in Secure Data Space SDS-API before 3.5.7 allow remote attackers to inject arbitrary web script or HTML via the 1 PATHINFO to api/v3/public/shares/downloads/, the 2 authType parameter to api/v3/auth/login, or the 3 login parameter to...

CVE-2015-7706

Multiple cross-site scripting XSS vulnerabilities in Secure Data Space SDS-API before 3.5.7 allow remote attackers to inject arbitrary web script or HTML via the 1 PATHINFO to api/v3/public/shares/downloads/, the 2 authType parameter to api/v3/auth/login, or the 3 login parameter to...

CVE-2016-1498

Cross-site scripting XSS vulnerability in the OCS discovery provider component in ownCloud Server before 7.0.12, 8.0.x before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a URL...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Symphony CMS 2.6.3 allow remote attackers to inject arbitrary web script or HTML via the 1 Name, 2 Navigation Group, or 3 Label parameter to blueprints/sections/edit/1...

CVE-2014-6444

Multiple cross-site scripting XSS vulnerabilities in the Titan Framework plugin before 1.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 t parameter to iframe-googlefont-preview.php or the 2 text parameter to iframe-font-preview.php...

CVE-2015-8756

Cross-site scripting XSS vulnerability in the search result view in the Indexed Search indexedsearch component in TYPO3 6.2.x before 6.2.16 allows remote authenticated editors to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the search result view in the Indexed Search indexedsearch component in TYPO3 6.2.x before 6.2.16 allows remote authenticated editors to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the typoLink function in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allows remote authenticated editors to inject arbitrary web script or HTML via a link field...

CVE-2015-8756

Cross-site scripting XSS vulnerability in the search result view in the Indexed Search indexedsearch component in TYPO3 6.2.x before 6.2.16 allows remote authenticated editors to inject arbitrary web script or HTML via unspecified vectors...

CVE-2015-8758

Multiple cross-site scripting XSS vulnerabilities in unspecified frontend components in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allow remote authenticated editors to inject arbitrary web script or HTML via unknown vectors...

CVE-2015-8759

Cross-site scripting XSS vulnerability in the typoLink function in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allows remote authenticated editors to inject arbitrary web script or HTML via a link field...

Reflected XSS in OCS provider discovery - ownCloud

A Cross-site scripting XSS vulnerability in the OCS discovery provider in ownCloud Servers allows remote attackers to inject arbitrary web script or HTML via the URL resulting in a reflected Cross-Site-Scripting. Since ownCloud employs a strict Content-Security-Policy that forbids inline script...

Server: Reflected XSS in OCS provider discovery

A Cross-site scripting XSS vulnerability in the OCS discovery provider in ownCloud Servers allows remote attackers to inject arbitrary web script or HTML via the URL resulting in a reflected Cross-Site-Scripting. Since ownCloud employs a strict Content-Security-Policy that forbids inline script...

CVE-2015-5447

Cross-site scripting XSS vulnerability in HP StoreOnce Backup system software before 3.13.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.6 allows remote authenticated users to inject arbitrary web script or HTML via an unspecified field...

CVE-2015-7252

Cross-site scripting XSS vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.kPE allows remote attackers to inject arbitrary web script or HTML via the errorpage parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in Let's PHP! Frame high-speed chat before 2015-09-22 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.kPE allows remote attackers to inject arbitrary web script or HTML via the errorpage parameter...