Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Open Source Point of Sale 2.3.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

CVE-2015-5076

Multiple cross-site scripting XSS vulnerabilities in X2Engine X2CRM before 5.0.9 allow remote attackers to inject arbitrary web script or HTML via the 1 version parameter in protected/views/admin/formEditor.php; the 2 importId parameter in protected/views/admin/rollbackImport.php; the 3 bc, 4 fg,...

CVE-2015-5375

Cross-site scripting XSS vulnerability in unspecified dialogs for printing content in the Front End in Open-Xchange Server 6 and OX App Suite before 6.22.8-rev8, 6.22.9 before 6.22.9-rev15m, 7.x before 7.6.1-rev25, and 7.6.2 before 7.6.2-rev20 allows remote attackers to inject arbitrary web scrip...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in includes/metaboxes.php in the Gallery - Photo Albums - Portfolio plugin 1.3.47 for WordPress allow remote authenticated users to inject arbitrary web script or HTML via the 1 Media Title or 2 Media Subtitle fields...

CVE-2015-6010

Multiple cross-site scripting XSS vulnerabilities in Web Reference Database aka refbase through 0.9.6 and bleeding-edge before 2015-01-08 allow remote attackers to inject arbitrary web script or HTML via the 1 errorNo or 2 errorMsg parameter to error.php; the 3 viewType parameter to...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Web Reference Database aka refbase through 0.9.6 and bleeding-edge through 2015-04-28 allow remote attackers to inject arbitrary web script or HTML via the 1 adminUserName, 2 pathToMYSQL, 3 databaseStructureFile, or 4 pathToBibutils parameter t...

CVE-2015-4539

Multiple cross-site scripting XSS vulnerabilities in EMC RSA Identity Management & Governance IMG before 7.0.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in EMC RSA Archer GRC 5.x before 5.5.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

CVE-2015-4539

Multiple cross-site scripting XSS vulnerabilities in EMC RSA Identity Management & Governance IMG before 7.0.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2015-6238

Multiple cross-site scripting XSS vulnerabilities in the Google Analyticator plugin before 6.4.9.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 gaadsense, 2 gaadmindisableDimentionIndex, 3 gadownloadsprefix, 4 gadownloads, or 5 gaoutboundprefix parameter i...

CVE-2015-6938

Cross-site scripting XSS vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site reque...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Google Analyticator plugin before 6.4.9.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 gaadsense, 2 gaadmindisableDimentionIndex, 3 gadownloadsprefix, 4 gadownloads, or 5 gaoutboundprefix parameter i...

CVE-2015-7307

Cross-site scripting XSS vulnerability in the CMS Updater module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the configuration page...

CVE-2015-6938

Cross-site scripting XSS vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site reque...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in PHP scripts in the management console on Symantec Web Gateway SWG appliances with software before 5.2.2 DB 5.0.0.1277 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, as demonstrated an attack against...

CVE-2015-6672

Cross-site scripting XSS vulnerability in the Administrative Web Interface in Citrix NetScaler Application Delivery Controller ADC and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e allows remote attackers to inject arbitrary web script or HTML...

CVE-2015-6972

Multiple cross-site scripting XSS vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote attackers to inject arbitrary web script or HTML via the 1 groupchatName parameter to plugins/clientcontrol/create-bookmark.jsp; the 2 urlName parameter to plugins/clientcontrol/create-bookmark.jsp;...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Nokia Networks formerly Nokia Solutions and Networks and Nokia Siemens Networks @vantage Commander allow remote attackers to inject arbitrary web script or HTML via the 1 idFilter or 2 nameFilter parameter to cftraces/filter/flcopy.jsp; the 3...

CVE-2015-6929

Multiple cross-site scripting XSS vulnerabilities in Nokia Networks formerly Nokia Solutions and Networks and Nokia Siemens Networks @vantage Commander allow remote attackers to inject arbitrary web script or HTML via the 1 idFilter or 2 nameFilter parameter to cftraces/filter/flcopy.jsp; the 3...

CVE-2015-6945

Cross-site scripting XSS vulnerability in JSP/MySQL Administrador Web 1 allows remote attackers to inject arbitrary web script or HTML via the bd parameter to sys/sys/listaBD2.jsp...