CVE-2015-4854

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via unknown vectors related to Single Signon. NOTE: the previous information is from the October 2015 CPU. Oracle...

CVE-2015-7822

Multiple cross-site scripting XSS vulnerabilities in Kentico CMS 8.2 allow remote attackers to inject arbitrary web script or HTML via a 1 parameter name to CMSModules/AdminControls/Pages/UIPage.aspx or the 2 CMSBodyClass cookie variable to the default URI...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Kentico CMS 8.2 allow remote attackers to inject arbitrary web script or HTML via a 1 parameter name to CMSModules/AdminControls/Pages/UIPage.aspx or the 2 CMSBodyClass cookie variable to the default URI...

CVE-2015-5953

Cross-site scripting XSS vulnerability in the activity application in ownCloud Server before 7.0.5 and 8.0.x before 8.0.4 allows remote authenticated users to inject arbitrary web script or HTML via a " double quote character in a filename in a shared folder...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Wind Farm Portal application in Nordex Control 2 NC2 SCADA 16 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2015-6477

Multiple cross-site scripting XSS vulnerabilities in the Wind Farm Portal application in Nordex Control 2 NC2 SCADA 16 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2015-6844

Cross-site scripting XSS vulnerability in Reviewer in EMC SourceOne Email Supervisor before 7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in HP Smart Profile Server Data Analytics Layer SPS DAL 2.3 before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-1813...

CVE-2015-7377

Cross-site scripting XSS vulnerability in pie-register/pie-register.php in the Pie Register plugin before 2.0.19 for WordPress allows remote attackers to inject arbitrary web script or HTML via the invitaioncode parameter in a pie-register page to the default URI...

Cross site scripting

Cross-site scripting XSS vulnerability in the plugin upgrade form in Revive Adserver before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via the filename of an uploaded file containing errors...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in open-flash-chart.swf in Open Flash Chart 2, as used in the VideoAds plugin in Revive Adserver before 3.2.2 and CA Release Automation formerly LISA Release Automation 5.0.2 before 5.0.2-227, 5.5.1 before 5.5.1-1616, 5.5.2 before 5.5.2-434, and...

Cross site scripting

Cross-site scripting XSS vulnerability in the "magic-macros" feature in Revive Adserver before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via a GET parameter, which is not properly handled in a banner...

CVE-2015-7365

Cross-site scripting XSS vulnerability in the plugin upgrade form in Revive Adserver before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via the filename of an uploaded file containing errors...

Open-Xchange (OX) App Suite Email Subject Cross Site Scripting Vulnerability

OpenX is prone to a cross-site scripting XSS vulnerability. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

CVE-2015-5654

Cross-site scripting XSS vulnerability in Dojo Toolkit before 1.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in Dojo Toolkit before 1.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

p5-HTML-Scrubber -- XSS vulnerability

MITRE reports: Cross-site scripting XSS vulnerability in the HTML-Scrubber module before 0.15 for Perl, when the comment feature is enabled, allows remote attackers to inject arbitrary web script or HTML via a crafted comment...

Cross site scripting

Cross-site scripting XSS vulnerability in IBM Tivoli Storage Manger for Virtual Environments: Data Protection for VMware 6.3 before 6.3.2.5, 6.4 before 6.4.3.1, and 7.1 before 7.1.3 and Tivoli Storage FlashCopy Manager for VMware 3.1 before 3.1.1.3, 3.2 before 3.2.0.6, and 4.1 before 4.1.3.0 allo...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in cpabcappointmentsadminintbookingslist.inc.php in the Appointment Booking Calendar plugin before 1.1.8 for WordPress allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...