Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the administrative web interface in Cisco Unified Operations Manager allow remote attackers to inject arbitrary web script or HTML, and obtain improperly secured cookies, via unspecified vectors, aka Bug ID CSCud80186...

CVE-2013-3440

Multiple cross-site scripting XSS vulnerabilities in the administrative web interface in Cisco Unified Operations Manager allow remote attackers to inject arbitrary web script or HTML, and obtain improperly secured cookies, via unspecified vectors, aka Bug ID CSCud80186...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in McAfee ePolicy Orchestrator 4.6.6 and earlier, and the ePO Extension for the McAfee Agent MA 4.5 through 4.6, allow remote attackers to inject arbitrary web script or HTML via the 1 instanceId parameter core/loadDisplayType.do; 2 instanceId or ...

CVE-2013-2364

Cross-site scripting XSS vulnerability in HP System Management Homepage SMH before 7.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

CVE-2013-2361

Cross-site scripting XSS vulnerability in HP System Management Homepage SMH before 7.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2013-2364

Cross-site scripting XSS vulnerability in HP System Management Homepage SMH before 7.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-3414

Cross-site scripting XSS vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the...

CVE-2012-3414

Cross-site scripting XSS vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the...

CVE-2012-3414

Cross-site scripting XSS vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the...

CVE-2012-3414

Cross-site scripting XSS vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the...

CVE-2013-3422

Cross-site scripting XSS vulnerability in Administration pages in Cisco Secure Access Control System ACS allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud75165...

Cross site scripting

Cross-site scripting XSS vulnerability in the web interface in Cisco Secure Access Control System ACS allows remote attackers to inject arbitrary web script or HTML via an unspecified field, aka Bug ID CSCud75174...

Cross site scripting

Cross-site scripting XSS vulnerability in Administration pages in Cisco Secure Access Control System ACS allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud75165...

CVE-2013-3422

Cross-site scripting XSS vulnerability in Administration pages in Cisco Secure Access Control System ACS allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud75165...

Cross site scripting

Cross-site scripting XSS vulnerability in Cisco Unified MeetingPlace Web Conferencing allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuh74981...

CVE-2013-3416

Cross-site scripting XSS vulnerability in the web framework in the unified-communications management implementation in Cisco Unified Operations Manager and Unified Service Monitor allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuh47574 a...

CVE-2014-2538 rubygem rack-ssl: URL error display XSS

Cross-site scripting XSS vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters such as JRuby-Rack...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in WordPress before 3.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 uploads of media files, 2 editing of media files, 3 installation of plugins, 4 updates to plugins, 5 installation of themes, or 6 updat...

CVE-2013-0237

Cross-site scripting XSS vulnerability in Plupload.as in Moxiecode plupload before 1.5.5, as used in WordPress before 3.5.1 and other products, allows remote attackers to inject arbitrary web script or HTML via the id parameter...

CVE-2013-0581

Multiple cross-site scripting XSS vulnerabilities in IBM Business Process Manager BPM 7.5.1.x, 8.0.0.x, and 8.0.1 before FP1 allow remote authenticated users to inject arbitrary web script or HTML via vectors involving 1 ProcessPortal/jsp/socialPortal/dashboard.jsp, 2...