Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the testcanvas node in SAP NetWeaver Business Client NWBC allow remote attackers to inject arbitrary web script or HTML via the 1 title or 2 sap-accessibility parameter...

CVE-2014-4160

Multiple cross-site scripting XSS vulnerabilities in the testcanvas node in SAP NetWeaver Business Client NWBC allow remote attackers to inject arbitrary web script or HTML via the 1 title or 2 sap-accessibility parameter...

CVE-2014-4035

Cross-site scripting XSS vulnerability in bookingdetails.php in Best Soft Inc. BSI Advance Hotel Booking System 2.0 allows remote attackers to inject arbitrary web script or HTML via the title parameter...

CVE-2014-0532

Cross-site scripting XSS vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to...

CVE-2014-0531

Cross-site scripting XSS vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to...

Cross site scripting

Cross-site scripting XSS vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to...

CVE-2014-0531

CVE-2014-0531 is an XSS vulnerability in Adobe Flash Player (and related AIR components) that could allow a remote attacker to inject arbitrary web script or HTML via unspecified vectors. Affected: Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X; Flash Player before ...

CVE-2014-2777

Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary web script with increased privileges via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-1778...

CVE-2014-1823

Cross-site scripting XSS vulnerability in the Web Components Server in Microsoft Lync Server 2010 and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted URL containing a valid meeting ID, aka "Lync Server Content Sanitization Vulnerability."...

Cross site scripting

Cross-site scripting XSS vulnerability in the web management interface in Cisco AsyncOS on the Email Security Appliance ESA 8.0, Web Security Appliance WSA 8.0 .5 Hot Patch 1 and earlier, and Content Security Management Appliance SMA 8.3 and earlier allows remote attackers to inject arbitrary web...

CVE-2014-3289

Cross-site scripting XSS vulnerability in the web management interface in Cisco AsyncOS on the Email Security Appliance ESA 8.0, Web Security Appliance WSA 8.0 .5 Hot Patch 1 and earlier, and Content Security Management Appliance SMA 8.3 and earlier allows remote attackers to inject arbitrary web...

CVE-2014-3966

Cross-site scripting XSS vulnerability in Special:PasswordReset in MediaWiki before 1.19.16, 1.21.x before 1.21.10, and 1.22.x before 1.22.7, when wgRawHtml is enabled, allows remote attackers to inject arbitrary web script or HTML via an invalid username...

Cross site scripting

Cross-site scripting XSS vulnerability in editor.php in Network Weathermap before 0.97b allows remote attackers to inject arbitrary web script or HTML via the maptitle parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Transform Content Center in Bottomline Technologies Transform Foundation Server before 4.3.1 Patch 8 and 5.x before 5.2 Patch 7 allow remote attackers to inject arbitrary web script or HTML via the 1 pn parameter to index.fsp/document.pdf, ...

Cross site scripting

Cross-site scripting XSS vulnerability in the HTML export wizard in the backend module in the powermail extension before 1.6.11 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2014-3832

Cross-site scripting XSS vulnerability in the Documents component in ownCloud Server 6.0.x before 6.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to the printunescaped function...

Google Chrome Multiple Vulnerabilities - 01 (Jun 2014) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in unspecified backend components in TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allow remote authenticated editors to inject arbitrary web script or HTML via unknown parameters...

CVE-2014-3943

Multiple cross-site scripting XSS vulnerabilities in unspecified backend components in TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allow remote authenticated editors to inject arbitrary web script or HTML via unknown parameters...

Cross site scripting

Cross-site scripting XSS vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM, and Link Controller 11.2.1 through 11.5.1, AAM 11.4.0 through 11.5.1 PEM 11.3.0 through 11.5.1, PSM 11.2.1 through 11.4.1, WebAccelerator and WOM 11.2.1 through 11.3.0,...