CVE-2014-9032

Cross-site scripting XSS vulnerability in the media-playlists feature in WordPress before 3.9.x before 3.9.3 and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2014-9032

Cross-site scripting XSS vulnerability in the media-playlists feature in WordPress before 3.9.x before 3.9.3 and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2014-9035

Cross-site scripting XSS vulnerability in Press This in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2014-9032

Cross-site scripting XSS vulnerability in the media-playlists feature in WordPress before 3.9.x before 3.9.3 and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2014-9031

Cross-site scripting XSS vulnerability in the wptexturize function in WordPress before 3.7.5, 3.8.x before 3.8.5, and 3.9.x before 3.9.3 allows remote attackers to inject arbitrary web script or HTML via crafted use of shortcode brackets in a text field, as demonstrated by a comment or a post...

CVE-2014-9031

Cross-site scripting XSS vulnerability in the wptexturize function in WordPress before 3.7.5, 3.8.x before 3.8.5, and 3.9.x before 3.9.3 allows remote attackers to inject arbitrary web script or HTML via crafted use of shortcode brackets in a text field, as demonstrated by a comment or a post...

CVE-2014-9032

Cross-site scripting XSS vulnerability in the media-playlists feature in WordPress before 3.9.x before 3.9.3 and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2010-5312

Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option...

CVE-2012-6662

Cross-site scripting XSS vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo...

Cross site scripting

Cross-site scripting XSS vulnerability in Liferay Portal Enterprise Edition EE 6.2 SP8 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the 20body parameter in the comment field in an uploaded file...

CVE-2014-7830

Cross-site scripting XSS vulnerability in mod/feedback/mapcourse.php in the Feedback module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the mod/feedback:mapcourse...

Cross site scripting

Cross-site scripting XSS vulnerability in mod/feedback/mapcourse.php in the Feedback module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the mod/feedback:mapcourse...

CVE-2014-7830

Cross-site scripting XSS vulnerability in mod/feedback/mapcourse.php in the Feedback module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the mod/feedback:mapcourse...

CVE-2014-5326

CVE-2014-5326 : Direct Web Remoting (DWR) has a cross-site scripting (XSS) vulnerability in versions up to 2.0.10 and 3.x up to 3.0.RC2. A remote attacker could inject arbitrary script/HTML via unspecified vectors in pages using DWR. Public details are consistent across IBM and SUSE advisories co...

Cross site scripting

Cross-site scripting XSS vulnerability in Simple Email Form 1.8.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the modsimpleemailformfield21 parameter to index.php...

Cross site scripting

Cross-site scripting XSS vulnerability in models/issue.go in Gogs aka Go Git Service 0.3.1-9 through 0.5.x before 0.5.8 allows remote attackers to inject arbitrary web script or HTML via the text parameter to api/v1/markdown...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in ZTE ZXDSL 831 allow remote attackers to inject arbitrary web script or HTML via the 1 tr69cAcsURL, 2 tr69cAcsUser, 3 tr69cAcsPwd, 4 tr69cConnReqPwd, or 5 tr69cDebugEnable parameter to the TR-069 client page tr69cfg.cgi; the 6 timezone parameter...

CVE-2014-7290

Multiple cross-site scripting XSS vulnerabilities in Atlas Systems Aeon 3.5 and 3.6 allow remote attackers to inject arbitrary web script or HTML via the 1 Action or 2 Form parameter to aeon.dll...

CVE-2014-8954

Multiple cross-site scripting XSS vulnerabilities in phpSound 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the 1 Title or 2 Description fields in a playlist or the 3 filter parameter in an explore action to index.php...

CVE-2014-8732

Cross-site scripting XSS vulnerability in phpMemcachedAdmin 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...