Cross site scripting

Cross-site scripting XSS vulnerability in cgi/client.py in Roundup before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via the @action parameter to support/issue1...

Cross site scripting

Cross-site scripting XSS vulnerability in the Submitters list in Review Board 1.6.x before 1.6.18 and 1.7.x before 1.7.12 allows remote attackers to inject arbitrary web script or HTML via a user full name...

CVE-2013-7365

Cross-site scripting XSS vulnerability in SAP Enterprise Portal allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...

Cross site scripting

Cross-site scripting XSS vulnerability in SAP Enterprise Portal allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...

CVE-2013-2033

Cross-site scripting XSS vulnerability in Jenkins before 1.514, LTS before 1.509.1, and Enterprise 1.466.x before 1.466.14.1 and 1.480.x before 1.480.4.1 allows remote authenticated users with write permission to inject arbitrary web script or HTML via unspecified vectors...

CVE-2014-1716

Cross-site scripting XSS vulnerability in the RuntimeSetPrototype function in runtime.cc in Google V8, as used in Google Chrome before 34.0.1847.116, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS UXSS."...

CVE-2014-0509

Cross-site scripting XSS vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83...

Cross site scripting

Cross-site scripting XSS vulnerability in ClipBucket 2.6 allows remote attackers to inject arbitrary web script or HTML via the type parameter to viewchannel.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2012-6645

Cross-site scripting XSS vulnerability in the autocomplete functionality in the Finder module 6.x-1.x before 6.x-1.26, 7.x-1.x, and 7.x-2.x before 7.x-2.0-alpha8 for Drupal allows remote attackers to inject arbitrary web script or HTML via the title of a node, a different vulnerability than...

CVE-2011-4958

Cross-site scripting XSS vulnerability in the process function in SSViewer.php in SilverStripe before 2.3.13 and 2.4.x before 2.4.6 allows remote attackers to inject arbitrary web script or HTML via the QUERYSTRING to template placeholders, as demonstrated by a request to 1 admin/reports/, 2...

Cross site scripting

Cross-site scripting XSS vulnerability in the cmstpvadminhead function in functions.php in the CMS Tree Page View plugin before 0.8.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cmstpvview parameter to wp-admin/options-general.php...

Cross site scripting

Cross-site scripting XSS vulnerability in redirect.php in the Socolissimo module modules/socolissimo/ in PrestaShop before 1.4.7.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to "parameter names and values."...

CVE-2012-5567

Multiple cross-site scripting XSS vulnerabilities in Horde Kronolith Calendar Application H4 before 3.0.18, as used in Horde Groupware Webmail Edition before 4.0.9, allow remote attackers to inject arbitrary web script or HTML via crafted event location parameters in the 1 month, 2 monthlist, or ...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Horde Kronolith Calendar Application H4 before 3.0.17, as used in Horde Groupware Webmail Edition before 4.0.8, allow remote attackers to inject arbitrary web script or HTML via the 1 tasks view or 2 search view...

CVE-2012-5567

Multiple cross-site scripting XSS vulnerabilities in Horde Kronolith Calendar Application H4 before 3.0.18, as used in Horde Groupware Webmail Edition before 4.0.9, allow remote attackers to inject arbitrary web script or HTML via crafted event location parameters in the 1 month, 2 monthlist, or ...

Cross site scripting

Cross-site scripting XSS vulnerability in UserServlet in Cisco Emergency Responder ER 8.6 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun24384...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in views/notify.php in the Uploader plugin 1.0.4 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 notify or 2 blog parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in dotCMS before 2.3.2 allow remote attackers to inject arbitrary web script or HTML via the 1 loginUserName parameter to application/login/login.html, 2 myaccountlogin parameter to c/portalpublic/login, or 3 email parameter to forgotPassword...

CVE-2013-1770

Cross-site scripting XSS vulnerability in viewsview.php in Ganglia Web 3.5.7 allows remote attackers to inject arbitrary web script or HTML via the viewname parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in viewsview.php in Ganglia Web 3.5.7 allows remote attackers to inject arbitrary web script or HTML via the viewname parameter...