CVE-2014-1456

Cross-site scripting XSS vulnerability in the login page in Open Web Analytics OWA before 1.5.6 allows remote attackers to inject arbitrary web script or HTML via the owauserid parameter to index.php...

Cross site scripting

Cross-site scripting XSS vulnerability in IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter...

CVE-2014-1223

Cross-site scripting XSS vulnerability in controlpanel/loading.aspx in Telligent Evolution before 6.1.19.36103, 7.x before 7.1.12.36162, 7.5.x, and 7.6.x before 7.6.7.36651 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: some of these details are obtain...

CVE-2014-0046

Cross-site scripting XSS vulnerability in the link-to helper in Ember.js 1.2.x before 1.2.2, 1.3.x before 1.3.2, and 1.4.x before 1.4.0-beta.6, when used in non-block form, allows remote attackers to inject arbitrary web script or HTML via the title attribute...

CVE-2014-1968

Cross-site scripting XSS vulnerability in the XooNIps module 3.47 and earlier for XOOPS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2011-4580

Multiple cross-site scripting XSS vulnerabilities in Red Hat JBoss Enterprise Portal Platform before 5.2.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2014-0840

Multiple cross-site scripting XSS vulnerabilities in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

CVE-2013-6047

Multiple cross-site scripting XSS vulnerabilities in the site creation interface in ikiwiki-hosting before 0.20131025 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the site creation interface in ikiwiki-hosting before 0.20131025 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2013-6732

Cross-site scripting XSS vulnerability in the server in IBM Cognos Business Intelligence BI 8.4.1, 10.1 before IF6, 10.1.1 before IF5, 10.2 before IF7, 10.2.1 before IF4, and 10.2.1.1 before IF4 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter...

CVE-2014-1879

Cross-site scripting XSS vulnerability in import.php in phpMyAdmin before 4.1.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename in an import action...

CVE-2014-1879

Cross-site scripting XSS vulnerability in import.php in phpMyAdmin before 4.1.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename in an import action...

CVE-2014-0735

Cross-site scripting XSS vulnerability in the IP Manager Assistant IPMA interface in Cisco Unified Communications Manager Unified CM 10.01 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCum46470...

Cross site scripting

Cross-site scripting XSS vulnerability in Mozilla Thunderbird 17.x through 17.0.8, Thunderbird ESR 17.x through 17.0.10, and SeaMonkey before 2.20 allows user-assisted remote attackers to inject arbitrary web script or HTML via an e-mail message containing a data: URL in an IFRAME element, a...

Cross site scripting

Cross-site scripting XSS vulnerability in the API in Ubuntu Metal as a Service MaaS 1.2 and 1.4 allows remote attackers to inject arbitrary web script or HTML via the op parameter to nodes/...

CVE-2013-4499

Cross-site scripting XSS vulnerability in the Bean module 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to inject arbitrary web script or HTML via the bean title...

Cross site scripting

Cross-site scripting XSS vulnerability in the Bean module 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to inject arbitrary web script or HTML via the bean title...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the web based operator client in LiveZilla before 5.1.2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 name of an uploaded file or 2 customer name in a resource created from an uploaded file, a different vulnerability...

Cross site scripting

Cross-site scripting XSS vulnerability in vTiger CRM 5.4.0 allows remote attackers to inject arbitrary web script or HTML via the 1 returnurl parameter to modules\comvtigerworkflow\savetemplate.php, or unspecified vectors to 2 deletetask.php, 3 edittask.php, 4 savetask.php, or 5 saveworkflow.php...

Cross site scripting

Cross-site scripting XSS vulnerability in mainPage in Dell SonicWALL GMS before 7.1 SP2, SonicWALL Analyzer before 7.1 SP2, and SonicWALL UMA E5000 before 7.1 SP2 might allow remote attackers to inject arbitrary web script or HTML via the nodeid parameter in a ScreenDisplayManager genNetwork acti...