IBM QRadar SIEM Cross-Site Scripting Vulnerability (CNVD-2024-15725)

IBM QRadar SIEM is a solution from International Business Machines IBM that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user...

CVE-2023-48903

Stored Cross-Site Scripting XSS vulnerability in tramyardg autoexpress 1.3.0, allows remote unauthenticated attackers to inject arbitrary web script or HTML within parameter "imgType" via in uploadCarImages.php...

CVE-2023-48903

Stored Cross-Site Scripting XSS vulnerability in tramyardg autoexpress 1.3.0, allows remote unauthenticated attackers to inject arbitrary web script or HTML within parameter "imgType" via in uploadCarImages.php...

CVE-2023-48903

Stored Cross-Site Scripting XSS vulnerability in tramyardg autoexpress 1.3.0, allows remote unauthenticated attackers to inject arbitrary web script or HTML within parameter "imgType" via in uploadCarImages.php...

Scholars Tracking System Cross-Site Scripting Vulnerability

Scholars Tracking System is a scholars tracking system by the individual developer Fabian Ros. Scholars Tracking System version 1.0 suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be...

Customer Support System Cross-Site Scripting Vulnerability (CNVD-2024-14025)

Customer Support System is a customer support system by oretnom23 Personal Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. Customer Support System suffers from a cross-site scripting vulnerability that stems fro...

Customer Support System Cross-Site Scripting Vulnerability (CNVD-2024-14027)

Customer Support System is a customer support system by oretnom23 Personal Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. Customer Support System suffers from a cross-site scripting vulnerability that stems fro...

Customer Support System Cross-Site Scripting Vulnerability

Customer Support System is a customer support system by oretnom23 Personal Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. Customer Support System suffers from a cross-site scripting vulnerability that stems fro...

BIT-MOODLE-2021-32244

Cross Site Scripting XSS in Moodle 3.10.3 allows remote attackers to execute arbitrary web script or HTML via the "Description" field...

BIT-ODOO-2021-26263

Cross-site scripting XSS issue in Discuss app of Odoo Community 14.0 through 15.0, and Odoo Enterprise 14.0 through 15.0, allows remote attackers to inject arbitrary web script in the browser of a victim, by posting crafted contents...

BIT-OPENFIRE-2020-24604

A Reflected XSS vulnerability was discovered in Ignite Realtime Openfire version 4.5.1. The XSS vulnerability allows remote attackers to inject arbitrary web script or HTML via the GET request "searchName", "searchValue", "searchDescription", "searchDefaultValue","searchPlugin", "searchDescriptio...

BIT-ODOO-2021-44461

Cross-site scripting XSS issue in Accounting app of Odoo Enterprise 13.0 through 15.0, allows remote attackers who are able to control the contents of accounting journal entries to inject arbitrary web script in the browser of a victim...

BIT-DRUPAL-2020-9281

A cross-site scripting XSS vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment with the ckeprotected syntax...

BIT-LIMESURVEY-2022-48010

LimeSurvey v5.4.15 was discovered to contain a stored cross-site scripting XSS vulnerability in the component /index.php/surveyAdministration/rendersidemenulink?subaction=surveytexts. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into...

Cross site scripting

Cross-site scripting XSS vulnerability in RenderTune v1.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Upload Title parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in Parents & Student Portal in Genesis School Management Systems in Genesis AIMS Student Information Systems v.3053 allows remote attackers to inject arbitrary web script or HTML via the message parameter...

Liferay Portal 7.4.x < 7.4.3.102 XSS

The version of Liferay Portal installed on the remote host is prior to 7.4.3.102. It is, therefore, affected by a vulnerability as referenced in the advisory. - Stored cross-site scripting XSS vulnerability in the Document and Media widget in Liferay Portal 7.4.3.18 through 7.4.3.101, and Liferay...

Cross-Site Scripting(XSS)

Liferay Portal and Liferay DXP are vulnerable to Cross-Site Scripting XSS. The vulnerability is due to insufficient sanitization in the HtmlUtil.escapeJsLink method, This flaws allowing remote attackers to inject arbitrary web script or HTML via crafted javascript: style links...

Cross-site Scripting (XSS)

Liferay Portal is vulnerable to stored cross-site scripting. The vulnerability is due to the improper neutralization of input during web page generation which allows remote authenticated users to inject arbitrary web script or HTML via a crafted payload injected into the first/middle/last name te...

Cross-Site Scripting

liferay portal is vulnerable to cross-site scripting XSS. The vulnerability is due to improper input validation in the portlet.js module of the Frontend JS library. This flaws allowing attackers to inject arbitrary web script or HTML via the anchor hash part of a URL...