Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via 1 the refresh parameter to PortfolioPublishServlet.java aka demo/portfolioPublish or Market Data Publisher, or vectors involving 2...

Mandriva Linux Security Advisory : phpmyadmin (MDVSA-2013:144)

Multiple cross-site scripting XSS vulnerabilities in tblgisvisualization.php in phpMyAdmin 3.5.x before 3.5.8 might allow remote attackers to inject arbitrary web script or HTML via the 1 visualizationSettingswidth or 2 visualizationSettingsheight parameter CVE-2013-1937. This upgrade provides th...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in tblgisvisualization.php in phpMyAdmin 3.5.x before 3.5.8 might allow remote attackers to inject arbitrary web script or HTML via the 1 visualizationSettingswidth or 2 visualizationSettingsheight parameter. NOTE: a third party reports that this ...

Cross site scripting

Cross-site scripting XSS vulnerability in Splunk Web in Splunk 4.3.0 through 4.3.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in Microsoft SharePoint Server 2010 SP1, Groove Server 2010 SP1, SharePoint Foundation 2010 SP1, and Office Web Apps 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted string, aka "HTML Sanitization Vulnerability."...

Cross site scripting

Cross-site scripting XSS vulnerability in the web interface in AirDroid allows remote attackers to inject arbitrary web script or HTML via a crafted text message that is transmitted by a managed phone...

CVE-2013-0125

Cross-site scripting XSS vulnerability in fileview.asp in C2 WebResource allows remote attackers to inject arbitrary web script or HTML via the File parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in the Notifications form in Red Hat Subscription Asset Manager before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the username field...

Server: Multiple XSS vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in ownCloud 5.0.0 allow remote attackers to inject arbitrary web script or HTML via the "newname" POST parameter to renameTag.php in /apps/bookmarks/ajax/ Commits: 1c63eb1 stable5 Risk: Medium Note: Successful exploitation of this stored XSS...

Cross site scripting

Cross-site scripting XSS vulnerability in ZeroClipboard.swf and ZeroClipboard10.swf in ZeroClipboard before 1.0.8, as used in em-shorty, RepRapCalculator, Fulcrum, Django, aCMS, and other products, allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this is...

CVE-2012-6550

Cross-site scripting XSS vulnerability in ZeroClipboard before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via "the clipText returned from the flash object," a different vulnerability than CVE-2013-1808...

CVE-2013-0502

Cross-site scripting XSS vulnerability in IBM InfoSphere Information Server 8.1, 8.5 through FP3, 8.7 through FP2, and 9.1 allows remote attackers to inject arbitrary web script or HTML via a malformed URL...

CVE-2013-0473

Multiple cross-site scripting XSS vulnerabilities in IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x before 8.5.0.4 allow remote attackers to inject arbitrary web script or HTML via a crafted report...

CVE-2012-6550

Cross-site scripting XSS vulnerability in ZeroClipboard before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via "the clipText returned from the flash object," a different vulnerability than CVE-2013-1808...

CVE-2013-1787

Cross-site scripting XSS vulnerability in the 3 slide gallery in the Simple Corporate theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...

CVE-2013-1778

Cross-site scripting XSS vulnerability in the Creative Theme 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via vectors related to social icons...

Cross site scripting

Cross-site scripting XSS vulnerability in the admin view in the Search API searchapi module 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a crafted field name...

Cross site scripting

Cross-site scripting XSS vulnerability in the 3 slide gallery in the Fresh theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the 3 slide gallery in the Premium Responsive theme before 7.x-1.6 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the 3 slide gallery in the Simple Corporate theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...