CVE-2011-2937

Cross-site scripting XSS vulnerability in the UI messages functionality in Roundcube Webmail before 0.5.4 allows remote attackers to inject arbitrary web script or HTML via the mbox parameter to the default URI...

CVE-2011-2672

Cross-site scripting XSS vulnerability in SemanticScuttle before 0.98 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2011-3423

Cross-site scripting XSS vulnerability in the Managed File Transfer server in TIBCO Managed File Transfer Internet Server before 7.1.1 and Managed File Transfer Command Center before 7.1.1, and the server in TIBCO Slingshot before 1.8.1, allows remote attackers to inject arbitrary web script or...

Cross site scripting

Cross-site scripting XSS vulnerability in Microsoft Office SharePoint Server 2010, Windows SharePoint Services 2.0 and 3.0 SP2, and SharePoint Foundation 2010 allows remote attackers to inject arbitrary web script or HTML via the URI, aka "SharePoint XSS Vulnerability."...

CVE-2010-4837

Cross-site scripting XSS vulnerability in the JSupport comjsupport component 1.5.6 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the subject parameter title field in a saveTicket action to index2.php. NOTE: some of these details are obtained from third party...

CVE-2009-5099

Cross-site scripting XSS vulnerability in ViewAction in Pentaho BI Server 1.7.0.1062 and earlier allows remote attackers to inject arbitrary web script or HTML via the outputType parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in the Flag Content module 5.x-2.x before 5.x-2.10 for Drupal allows remote attackers to inject arbitrary web script or HTML via the Reason parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in the management interface in Microsoft FAST ESP 5.1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the Sage add-on 1.3.10 and earlier for Firefox allows remote attackers to inject arbitrary web script or HTML via a crafted feed, a different vulnerability than CVE-2009-4102...

CVE-2011-3384

CVE-2011-3384 affects the Sage Firefox add-on (versions 1.3.10 and earlier). The root cause is improper processing during HTML page output based on feed information, enabling a cross-site scripting (XSS) vulnerability that could allow arbitrary scripts to run in the user’s browser. The documented...

Cross site scripting

Cross-site scripting XSS vulnerability in WebsiteBaker before 2.8, as used in LEPTON and possibly other products, allows remote attackers to inject arbitrary web script or HTML via unknown vectors, a different vulnerability than CVE-2006-2307...

CVE-2010-4828

Multiple cross-site scripting XSS vulnerabilities in SolarWinds Orion Network Performance Monitor NPM 10.1 allow remote attackers to inject arbitrary web script or HTML via the 1 Title parameter to MapView.aspx; NetObject parameter to 2 NodeDetails.aspx and 3 InterfaceDetails.aspx; and the 4...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in SolarWinds Orion Network Performance Monitor NPM 10.1 allow remote attackers to inject arbitrary web script or HTML via the 1 Title parameter to MapView.aspx; NetObject parameter to 2 NodeDetails.aspx and 3 InterfaceDetails.aspx; and the 4...

Cross site scripting

Cross-site scripting XSS vulnerability in members.asp in Snitz Forums 2000 3.4.07 allows remote attackers to inject arbitrary web script or HTML via the MNAME parameter. NOTE: some of these details are obtained from third party information...

CVE-2010-4825

Cross-site scripting XSS vulnerability in magpiedebug.php in the Twitter Feed plugin wp-twitter-feed 0.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the url parameter...

CVE-2011-2226

Cross-site scripting XSS vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a pattern listing...

CVE-2011-2904

Cross-site scripting XSS vulnerability in acknow.php in Zabbix before 1.8.6 allows remote attackers to inject arbitrary web script or HTML via the backurl parameter...

CVE-2011-2947

Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to inject arbitrary web script or HTML in the Local Zone via a local HTML document...

CVE-2011-2947

Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to inject arbitrary web script or HTML in the Local Zone via a local HTML document...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection SEP 11.0.600x through 11.0.6300 allow remote attackers to inject arbitrary web script or HTML via 1 the token parameter to portal/Help.jsp or 2 the URI in a...