Cross site scripting

Cross-site scripting XSS vulnerability in Zenphoto before 1.4.3 allows remote attackers to inject arbitrary web script or HTML by triggering improper interaction with an unspecified library...

Cross site scripting

Cross-site scripting XSS vulnerability in Brightmail Control Center in Symantec Message Filter 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-0302

Cross-site scripting XSS vulnerability in Brightmail Control Center in Symantec Message Filter 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Server: Multiple stored XSS

Multiple cross-site scripting XSS vulnerabilities in ownCloud before 4.0.1 allow remote attackers to inject arbitrary web script or HTML via the calendar displayname to part.choosecalendar.rowfields.php part.choosecalendar.rowfields.shared.php in apps/calendar/templates/ unspecified vectors to...

CVE-2012-3835

Multiple cross-site scripting XSS vulnerabilities in AlienVault Open Source Security Information Management OSSIM 3.1 allow remote attackers to inject arbitrary web script or HTML via the 1 url parameter to top.php or 2 time00 parameter to forensics/baseqrymain.php, which is not properly handled ...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in index.php/users/form/userid in MyClientBase 0.12 allow remote attackers to inject arbitrary web script or HTML via the 1 firstname or 2 lastname parameters...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in PHP-pastebin 2.1 allows remote attackers to inject arbitrary web script or HTML via the title parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in vBulletin 4.1.12 allows remote attackers to inject arbitrary web script or HTML via a long string in the subject parameter when creating a post...

Cross site scripting

Cross-site scripting XSS vulnerability in WordPress before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the hostingtasklogtable function in modules/hosting/task/hostingtask.module in the Hostmaster Aegir module 6.x-1.x before 6.x-1.9 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a Drush log...

CVE-2012-2726

Cross-site scripting XSS vulnerability in the Protest module 6.x-1.x before 6.x-1.2 or 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the "administer protest" permission to inject arbitrary web script or HTML via the protestbody parameter...

GLSA-201206-09 : MediaWiki: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201206-09 MediaWiki: Multiple vulnerabilities Multiple vulnerabilities have been discovered in mediawiki. Please review the CVE identifiers referenced below for details. Impact : MediaWiki allows remote attackers to bypass...

Cross site scripting

Cross-site scripting XSS vulnerability in the Administration Console in IBM WebSphere Application Server 7.0 before 7.0.0.23 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-2636

Cross-site scripting XSS vulnerability in KENT-WEB WEB PATIO 4.04 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

[SECURITY] [DSA 2485-1] imp4 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2485-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst June 3, 2012 http://www.debian.org/security/faq -...

CVE-2012-2011

Multiple cross-site scripting XSS vulnerabilities in HP Web Jetadmin 8.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-1829

Multiple cross-site scripting XSS vulnerabilities in AutoFORM PDM Archive before 6.920 allow remote authenticated users to inject arbitrary web script or HTML via unspecified fields...

CVE-2012-2604

Multiple cross-site scripting XSS vulnerabilities in GuestAccess.jsp in the Guest/Contractor access component in the administrative interface in Bradford Network Sentry before 5.3.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified fields...

CVE-2012-1825

Multiple cross-site scripting XSS vulnerabilities in the status program on the ForeScout CounterACT appliance with software 6.3.3.2 through 6.3.4.10 allow remote attackers to inject arbitrary web script or HTML via 1 the loginname parameter in a forgotpass action or 2 the username parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Bloxx Web Filtering before 5.0.14 allow 1 remote attackers to inject arbitrary web script or HTML via web traffic that is examined within the Bloxx Reports component, and allow 2 remote authenticated administrators to inject arbitrary web scrip...